Dbrý den prosím o kontrolu logu. předem děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2013-04-13 17:12:56
Microsoft Windows 7 Starter
System drive C: has 5 GB (7%) free of 82 GB
Total RAM: 1014 MB (16% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:13:39, on 13.4.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\PC Performer\PCPerformer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Iminent\Iminent.exe
C:\Program Files\Iminent\Iminent.Messengers.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Users\Uživatel\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\ProgramData\GameXN\GameXNGO.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Users\Uživatel\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Users\Uživatel\Desktop\Downloads\RSIT(1).exe
C:\Program Files\trend micro\Uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1193 ... cf304d2a3d
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.abdn.ac.uk:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - (no file)
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Users\Uživatel\AppData\Local\GamePlayLabs Plugin\BHO.dll (file missing)
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Auto Lyrics - {DAEB9E85-4694-4F9B-85CB-2F28987872D7} - C:\Program Files\AutoLyrics\autolrcs.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [EeeSplendidAgent] C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [ASUS WebStorage] C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
O4 - HKLM\..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Uživatel\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: bProtector - Unknown owner - C:\ProgramData\bProtector\bProtect.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: SProtection - Iminent - C:\Program Files\Common Files\Umbrella\umbrella.exe
O23 - Service: Software Updater (SrvUpdater) - Unknown owner - C:\Program Files\SoftwareUpdater\UpdaterService.exe
--
End of file - 12128 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\Auto Lyrics Update.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1368155687-1681476967-2444974585-1000Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1368155687-1681476967-2444974585-1000UA.job
C:\windows\tasks\PC Performer_DEFAULT.job
C:\windows\tasks\PC Performer_UPDATES.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\qsvkxj7g.default
prefs.js - "browser.startup.homepage" - "http://search.babylon.com/?AF=110393&ba ... f06d71f2e8"
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"webbooster@iminent.com"=C:\Program Files\Iminent\webbooster@iminent.com
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-08 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll [2012-11-06 183112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Users\Uživatel\AppData\Local\GamePlayLabs Plugin\BHO.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
IMinent WebBooster (BHO) - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll [2013-01-22 245840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-03-19 4529272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DAEB9E85-4694-4F9B-85CB-2F28987872D7}]
Auto Lyrics - C:\Program Files\AutoLyrics\autolrcs.dll [2013-02-28 109568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-08 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll [2012-11-06 183112]
{98889811-442D-49dd-99D7-DC866BE87DBC}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"EeeSplendidAgent"=C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe []
"HotkeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"LiveUpdate"=AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
"CapsHook"=AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe []
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2010-03-30 415920]
"ASUS WebStorage"=C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-04-27 141848]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-04-27 173592]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-04-27 150552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-04-27 9177632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-13 1594664]
"ASUSPRP"=C:\Program Files\ASUS\APRP\APRP.EXE [2010-06-28 2018032]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2010-04-13 83240]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2011-10-25 103896]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-01-16 421736]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"Iminent"=C:\Program Files\Iminent\Iminent.exe [2013-01-25 1074736]
"IminentMessenger"=C:\Program Files\Iminent\Iminent.Messengers.exe [2013-01-25 884784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"Sony PC Companion"=C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2013-01-07 446648]
"Akamai NetSession Interface"=C:\Users\Uživatel\AppData\Local\Akamai\netsession_win.exe [2013-01-26 4480768]
"GameXN GO"=C:\ProgramData\GameXN\GameXNGO.exe [2012-03-16 347008]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-04-27 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"vidc.ffds"=ffdshow.ax
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-04-13 17:12:59 ----D---- C:\Program Files\trend micro
2013-04-13 17:12:56 ----D---- C:\rsit
2013-04-13 10:50:17 ----D---- C:\Program Files\Mozilla Firefox
2013-04-13 10:23:19 ----A---- C:\windows\system32\mshtmled.dll
2013-04-13 10:23:18 ----A---- C:\windows\system32\vbscript.dll
2013-04-13 10:23:16 ----A---- C:\windows\system32\jsproxy.dll
2013-04-13 10:23:13 ----A---- C:\windows\system32\ieui.dll
2013-04-13 10:23:12 ----A---- C:\windows\system32\ieUnatt.exe
2013-04-13 10:23:11 ----A---- C:\windows\system32\msfeeds.dll
2013-04-13 10:23:09 ----A---- C:\windows\system32\wininet.dll
2013-04-13 10:23:09 ----A---- C:\windows\system32\jscript.dll
2013-04-13 10:23:07 ----A---- C:\windows\system32\jscript9.dll
2013-04-13 10:23:06 ----A---- C:\windows\system32\url.dll
2013-04-13 10:23:03 ----A---- C:\windows\system32\iertutil.dll
2013-04-13 10:23:01 ----A---- C:\windows\system32\urlmon.dll
2013-04-13 10:22:54 ----A---- C:\windows\system32\mshtml.dll
2013-04-13 10:22:52 ----A---- C:\windows\system32\ieframe.dll
2013-04-12 13:20:52 ----A---- C:\windows\system32\win32k.sys
2013-04-12 13:20:50 ----A---- C:\windows\system32\drivers\fvevol.sys
2013-04-12 13:20:46 ----A---- C:\windows\system32\ntoskrnl.exe
2013-04-12 13:20:46 ----A---- C:\windows\system32\ntkrnlpa.exe
2013-04-12 13:20:45 ----A---- C:\windows\system32\smss.exe
2013-04-12 13:20:45 ----A---- C:\windows\system32\csrsrv.dll
2013-04-12 13:20:39 ----A---- C:\windows\system32\mstscax.dll
2013-04-12 13:20:38 ----A---- C:\windows\system32\tsgqec.dll
2013-04-12 13:20:38 ----A---- C:\windows\system32\aaclient.dll
2013-04-01 22:20:52 ----ASH---- C:\pagefile.sys
2013-03-25 18:41:33 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-03-21 13:03:03 ----D---- C:\windows\system32\EventProviders
2013-03-20 22:36:29 ----A---- C:\windows\system32\drivers\usb8023.sys
======List of files/folders modified in the last 1 month======
2013-04-13 17:13:25 ----D---- C:\ProgramData\GameXN
2013-04-13 17:12:59 ----RD---- C:\Program Files
2013-04-13 17:11:02 ----D---- C:\Users\Uživatel\AppData\Roaming\Skype
2013-04-13 17:07:18 ----D---- C:\windows\System32
2013-04-13 17:07:18 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-04-13 17:06:44 ----D---- C:\windows\Temp
2013-04-13 17:06:13 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-13 17:03:22 ----D---- C:\Users\Uživatel\AppData\Roaming\go
2013-04-13 16:59:56 ----D---- C:\windows\winsxs
2013-04-13 16:59:31 ----D---- C:\windows\system32\config
2013-04-13 16:56:33 ----D---- C:\windows\system32\drivers
2013-04-13 16:56:32 ----D---- C:\windows\system32\migration
2013-04-13 16:56:32 ----D---- C:\Program Files\Internet Explorer
2013-04-13 16:06:34 ----D---- C:\Users\Uživatel\AppData\Roaming\SoftGrid Client
2013-04-13 16:01:10 ----D---- C:\windows\system32\Tasks
2013-04-13 10:24:22 ----D---- C:\windows\system32\catroot
2013-04-13 10:24:21 ----D---- C:\windows\system32\catroot2
2013-04-13 10:09:42 ----A---- C:\windows\system32\MRT.exe
2013-04-13 10:08:26 ----SHD---- C:\System Volume Information
2013-04-13 10:03:34 ----D---- C:\Program Files\Common Files\Umbrella
2013-04-12 13:09:16 ----SHD---- C:\windows\Installer
2013-04-12 13:09:14 ----SHD---- C:\Config.Msi
2013-04-12 13:09:08 ----RD---- C:\Program Files\Skype
2013-04-12 13:09:08 ----D---- C:\ProgramData\Skype
2013-04-10 15:05:11 ----AD---- C:\ProgramData\TEMP
2013-03-25 18:45:00 ----SD---- C:\Users\Uživatel\AppData\Roaming\Microsoft
2013-03-25 18:44:52 ----D---- C:\ProgramData\Adobe
2013-03-25 18:41:37 ----D---- C:\windows\Tasks
2013-03-25 00:04:44 ----D---- C:\windows\Prefetch
2013-03-22 19:58:13 ----D---- C:\ProgramData\Sony Ericsson
2013-03-22 19:57:29 ----D---- C:\Program Files\Sony Ericsson
2013-03-21 13:26:47 ----D---- C:\windows\system32\DriverStore
2013-03-14 18:46:00 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 18:21:29 ----D---- C:\windows\debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-05 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2010-04-13 43944]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-04-13 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2010-04-13 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-04-13 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-04-13 18344]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-04-27 4806144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-04-27 3084256]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2010-04-13 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\windows\system32\DRIVERS\L1C62x86.sys [2010-04-13 51712]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-04-13 230448]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393216]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2011-08-02 42496]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-03 582944]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 IBUpdaterService;Updater Service; C:\ProgramData\IBUpdaterService\ibsvc.exe [2012-06-04 398392]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-10-25 793048]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-03-19 3289208]
R2 SProtection;SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2013-04-12 2795048]
R2 SrvUpdater;Software Updater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [2013-01-02 31744]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-01-16 821608]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 bProtector;bProtector; C:\ProgramData\bProtector\bProtect.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-25 253656]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-13 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalé PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomalé PC
Zdravím. 
Vydrž minutku, na logu se intenzivně pracuje.
Vydrž minutku, na logu se intenzivně pracuje.
-
-
- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomalé PC
Mno, tady bude více práce... zodpovědně zaliskáno, neaktualizováno a hlavně nezabezpečeno... 
Zdá se mi to nebo nevidím v logu antivir? To je docela chyba. Má cenu Ti čistit zavirovaný počítač, když nehodláš používat jeho ochranu? Chci Tvé slovo, že po odvirování tento nedostatek napravíš nainstalováním jedné z free variant antiviru Avast, Avira nebo MSE!
Odinstaluj McAfee Security Scan Plus. Po odinstalaci ještě spusť tento jejich odinstalátor (klik) - odebere případné nechtěné zbytky.
Program Skype odeber v jeho nastaveních ze spouštění při náběhu systému - dost zdržuje. Program spouštěj jen v případě nutnosti ručně až po náběhu systému.
Proveď zatím tyto kroky a napiš mi, až budeš hotov + vyjádření k antiviru.
Zdá se mi to nebo nevidím v logu antivir? To je docela chyba. Má cenu Ti čistit zavirovaný počítač, když nehodláš používat jeho ochranu? Chci Tvé slovo, že po odvirování tento nedostatek napravíš nainstalováním jedné z free variant antiviru Avast, Avira nebo MSE! Odinstaluj McAfee Security Scan Plus. Po odinstalaci ještě spusť tento jejich odinstalátor (klik) - odebere případné nechtěné zbytky. Program Skype odeber v jeho nastaveních ze spouštění při náběhu systému - dost zdržuje. Program spouštěj jen v případě nutnosti ručně až po náběhu systému. Proveď zatím tyto kroky a napiš mi, až budeš hotov + vyjádření k antiviru.--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomalé PC
vše provedeno antivir stáhnu
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomalé PC
OK, beru. 
Tak se do toho obujeme, máš tam toho dost na práci. Čti návody pečlivě, nic nevynechej!
Stáhni RKill z tohoto odkazu - http://download.bleepingcomputer.com/grinler/rkill.com
PROSÍM, ČTI NÁVOD DŮKLADNĚ - TATO UTILITA MÁ VELKOU SCHOPNOST MAZAT A JE NUTNÉ JI APLIKOVAT JEN NA DOPORUČENÍ RÁDCE TOHOTO FÓRA, JINAK TI MŮŽE JÍT SYSTÉM DO KYTEK
Stáhni a ulož na Plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Tak se do toho obujeme, máš tam toho dost na práci. Čti návody pečlivě, nic nevynechej!
Stáhni RKill z tohoto odkazu - http://download.bleepingcomputer.com/grinler/rkill.com
- Pokud ho havěť blokuje, použij jeden z následujících (i ty přejmenované):
- RKill EXE - http://download.bleepingcomputer.com/grinler/rkill.exe
RKill iExplore.exe - http://download.bleepingcomputer.com/gr ... xplore.exe
RKill uSeRiNiT.exe - http://download.bleepingcomputer.com/gr ... eRiNiT.exe
RKill WiNlOgOn.exe - http://download.bleepingcomputer.com/gr ... NlOgOn.exe
- RKill EXE - http://download.bleepingcomputer.com/grinler/rkill.exe
- Utilitu ulož nejlépe na Plochu a ukonči všechny aplikace (jinak to RKill udělá za Tebe)!
- Spusť dvojklikem - program proběhne téměř okamžitě a ukončí i svou činnost.
- RKill ukončí všechny nesystémové procesy - tedy i procesy, pod kterými běží havěť.
- Na Ploše vznikne log RKill.txt - ten mi sem vlož.
- TEĎ NERESTARTUJ PC - přišel bys o účinek RKillu!!
PROSÍM, ČTI NÁVOD DŮKLADNĚ - TATO UTILITA MÁ VELKOU SCHOPNOST MAZAT A JE NUTNÉ JI APLIKOVAT JEN NA DOPORUČENÍ RÁDCE TOHOTO FÓRA, JINAK TI MŮŽE JÍT SYSTÉM DO KYTEK Stáhni a ulož na Plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypni všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary apod.
- Vypni všechny běžící aplikace - ICQ, Skype, browsery, prostě všechny programy, ať běží pouze ComboFix.
- Pokud máš operační systém Windows Vista či Windows 7, klikni na ComboFix pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Ihned po startu se zobrazí stránka s licenčním ujednáním - pokračuj kliknutím na [Ano].
- Pokud Ti ComboFix nabídne instalaci Konzoly pro zotavení, tak souhlas.
- Dále postupuj dle pokynů. Během scanu nech PC naprosto v klidu - nespouštěj žádné aplikace a neklikej do zobrazujícího se okna!
- Scan by měl trvat cca 10 min, ale pokud bude PC hodne zaneseno, může se čas samozřejmě prodloužit.
- Po dokončení scanu a případném restartu ComboFix zobrazí log, který případně najdeš v C:\ComboFix.txt. Jeho obsah mi sem vlož.
- Detailní postup včetně obrázků najdeš zde: http://www.bleepingcomputer.com/combofi ... t-combofix
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomalé PC
Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 04/13/2013 07:10:14 PM in x86 mode.
Windows Version: Windows 7 Starter
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* C:\Windows\System32\AsusService.exe (PID: 1588) [WD-HEUR]
1 proccess terminated!
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* SensrSvc [Missing Service]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 04/13/2013 07:10:48 PM
Execution time: 0 hours(s), 0 minute(s), and 34 seconds(s)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 04/13/2013 07:10:14 PM in x86 mode.
Windows Version: Windows 7 Starter
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* C:\Windows\System32\AsusService.exe (PID: 1588) [WD-HEUR]
1 proccess terminated!
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* SensrSvc [Missing Service]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 04/13/2013 07:10:48 PM
Execution time: 0 hours(s), 0 minute(s), and 34 seconds(s)
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomalé PC
Tak na nic nečekej a hoď sem log hned i z ComboFixu.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomalé PC
ComboFix 13-04-12.02 - Uživatel 13.04.2013 20:15:54.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1250.420.1029.18.1014.224 [GMT 2:00]
Spuštěný z: c:\users\U×ivatel\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Windows Live\Messenger\msacm32.dll
c:\programdata\FullRemove.exe
c:\windows\PFRO.log
c:\windows\system32\roboot.exe
c:\windows\system32\service
c:\windows\system32\service\01032011_TIS17_SfFniAU.log
c:\windows\system32\service\02122011_TIS17_SfFniAU.log
c:\windows\system32\service\03022011_TIS17_PccScan.log
c:\windows\system32\service\03032011_TIS17_SfFniAU.log
c:\windows\system32\service\03042011_TIS17_PccScan.log
c:\windows\system32\service\04082011_TIS17_SfFniAU.log
c:\windows\system32\service\04122010_TIS17_SfFniAU.log
c:\windows\system32\service\05022011_TIS17_SfFniAU.log
c:\windows\system32\service\08102010_TIS17_SfFniAU.log
c:\windows\system32\service\09062011_TIS17_SfFniAU.log
c:\windows\system32\service\09102010_TIS17_PccScan.log
c:\windows\system32\service\11032012_TIS17_SfFniAU.log
c:\windows\system32\service\12012011_TIS17_SfFniAU.log
c:\windows\system32\service\12082011_TIS17_SfFniAU.log
c:\windows\system32\service\12122010_TIS17_PccScan.log
c:\windows\system32\service\13122011_TIS17_SfFniAU.log
c:\windows\system32\service\14122011_TIS17_SfFniAU.log
c:\windows\system32\service\15012013_TIS17_SfFniAU.log
c:\windows\system32\service\15122011_TIS17_SfFniAU.log
c:\windows\system32\service\16012013_TIS17_SfFniAU.log
c:\windows\system32\service\16032012_TIS17_SfFniAU.log
c:\windows\system32\service\16042012_TIS17_SfFniAU.log
c:\windows\system32\service\16082011_TIS17_SfFniAU.log
c:\windows\system32\service\17112010_TIS17_PccScan.log
c:\windows\system32\service\18122010_TIS17_SfFniAU.log
c:\windows\system32\service\19032011_TIS17_SfFniAU.log
c:\windows\system32\service\20122011_TIS17_SfFniAU.log
c:\windows\system32\service\21072012_TIS17_SfFniAU.log
c:\windows\system32\service\21122011_TIS17_SfFniAU.log
c:\windows\system32\service\22012012_TIS17_SfFniAU.log
c:\windows\system32\service\22022011_TIS17_SfFniAU.log
c:\windows\system32\service\22082012_TIS17_SfFniAU.log
c:\windows\system32\service\23012011_TIS17_SfFniAU.log
c:\windows\system32\service\24022011_TIS17_SfFniAU.log
c:\windows\system32\service\24122010_TIS17_SfFniAU.log
c:\windows\system32\service\25062012_TIS17_SfFniAU.log
c:\windows\system32\service\25082011_TIS17_SfFniAU.log
c:\windows\system32\service\25112010_TIS17_SfFniAU.log
c:\windows\system32\service\26022013_TIS17_SfFniAU.log
c:\windows\system32\service\26052012_TIS17_SfFniAU.log
c:\windows\system32\service\28042012_TIS17_SfFniAU.log
c:\windows\system32\service\28062011_TIS17_SfFniAU.log
c:\windows\system32\service\29102010_TIS17_PccScan.log
c:\windows\system32\service\29102010_TIS17_SfFniAU.log
c:\windows\system32\service\30052011_TIS17_SfFniAU.log
c:\windows\system32\service\31012011_TIS17_SfFniAU.log
c:\windows\system32\service\31012012_TIS17_SfFniAU.log
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_bProtector
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-13 do 2013-04-13 )))))))))))))))))))))))))))))))
.
.
2013-04-13 18:33 . 2013-04-13 18:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-13 18:08 . 2013-03-19 03:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A1B84DE-0FDA-47B3-9A62-FEDCC8F54D5E}\mpengine.dll
2013-04-13 18:08 . 2013-03-11 23:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 15:12 . 2013-04-13 15:13 -------- d-----w- c:\program files\trend micro
2013-04-13 15:12 . 2013-04-13 15:14 -------- d-----w- C:\rsit
2013-04-12 11:20 . 2013-03-01 03:11 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-04-12 11:20 . 2013-01-24 04:51 195816 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-12 11:20 . 2013-03-19 05:06 3958120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-12 11:20 . 2013-03-19 05:06 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-12 11:20 . 2013-03-19 04:54 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-12 11:20 . 2013-03-19 02:50 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-12 11:20 . 2013-02-12 15:13 2691072 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 11:20 . 2013-02-12 15:07 131072 ----a-w- c:\windows\system32\aaclient.dll
2013-04-12 11:20 . 2013-02-12 13:59 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-03-25 16:45 . 2013-03-25 16:45 -------- d-----w- c:\users\Uživatel\AppData\Local\Macromedia
2013-03-25 16:41 . 2013-03-25 16:44 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-21 11:03 . 2013-03-21 11:03 -------- d-----w- c:\windows\system32\EventProviders
2013-03-20 20:36 . 2013-02-12 13:51 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-25 16:44 . 2011-11-30 13:38 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-03 23:30 . 2013-02-03 23:30 0 ----a-w- c:\windows\system32\sho6A67.tmp
2013-04-13 08:50 . 2013-04-13 08:50 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2012-11-06 13:01 183112 ----a-w- c:\program files\DVDVideoSoftTB\prxtbDVD2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{DAEB9E85-4694-4F9B-85CB-2F28987872D7}]
2013-02-27 23:14 109568 ----a-w- c:\program files\AutoLyrics\autolrcs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-01-07 446648]
"Akamai NetSession Interface"="c:\users\Uživatel\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
"GameXN GO"="c:\programdata\GameXN\GameXNGO.exe" [2012-03-16 347008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"HotkeyMon"="AsusSender.exe" [2010-03-03 29184]
"HotkeyService"="AsusSender.exe" [2010-03-03 29184]
"SuperHybridEngine"="AsusSender.exe" [2010-03-03 29184]
"LiveUpdate"="AsusSender.exe" [2010-03-03 29184]
"CapsHook"="AsusSender.exe" [2010-03-03 29184]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-03-29 415920]
"ASUS WebStorage"="c:\program files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-27 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-27 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-27 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-27 9177632]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-13 1594664]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-06-28 2018032]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2010-04-13 83240]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Iminent"="c:\program files\Iminent\Iminent.exe" [2013-01-25 1074736]
"IminentMessenger"="c:\program files\Iminent\Iminent.Messengers.exe" [2013-01-25 884784]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 795936]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 SProtection;SProtection;c:\program files\Common Files\Umbrella\umbrella.exe [x]
S2 SrvUpdater;Software Updater;c:\program files\SoftwareUpdater\UpdaterService.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-25 16:44]
.
2013-04-13 c:\windows\Tasks\Auto Lyrics Update.job
- c:\program files\AutoLyrics\AutoLyricsUpdater.exe [2013-02-27 23:14]
.
2013-04-13 c:\windows\Tasks\PC Performer_DEFAULT.job
- c:\program files\PC Performer\PCPerformer.exe [2012-06-04 13:47]
.
2013-03-27 c:\windows\Tasks\PC Performer_UPDATES.job
- c:\program files\PC Performer\PCPerformer.exe [2012-06-04 13:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119394&babs ... cf304d2a3d
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = proxy.abdn.ac.uk:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\qsvkxj7g.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?AF=110393&babsrc=HP_ss&mntrId=943cc2ab00000000000074f06d71f2e8
FF - ExtSQL: 2013-03-03 17:23; autolyrics@man-soft.net; c:\program files\AutoLyrics\FF
FF - ExtSQL: 2013-03-04 20:12; webbooster@iminent.com; c:\program files\Iminent\webbooster@iminent.com
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{dd02a4eb-4afd-4d60-99d8-e67f964ca813} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - (no file)
HKLM-Run-EeeSplendidAgent - c:\program files\ASUS\EPC\EeeSplendid\AsAgent.exe
AddRemove-IMBoosterARP - c:\program files\Iminent\inst\Bootstrapper\Bootstrapper.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1192)
c:\progra~1\ASUS\ASUSWE~1\service\ASUSWS~1.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\taskhost.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-04-13 20:43:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-13 18:43
.
Před spuštěním: 6 526 836 736
Po spuštění: 6 656 823 296
.
- - End Of File - - 814AA82246CDAF5AF992FCEFD621FDD6
Microsoft Windows 7 Starter 6.1.7600.0.1250.420.1029.18.1014.224 [GMT 2:00]
Spuštěný z: c:\users\U×ivatel\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Windows Live\Messenger\msacm32.dll
c:\programdata\FullRemove.exe
c:\windows\PFRO.log
c:\windows\system32\roboot.exe
c:\windows\system32\service
c:\windows\system32\service\01032011_TIS17_SfFniAU.log
c:\windows\system32\service\02122011_TIS17_SfFniAU.log
c:\windows\system32\service\03022011_TIS17_PccScan.log
c:\windows\system32\service\03032011_TIS17_SfFniAU.log
c:\windows\system32\service\03042011_TIS17_PccScan.log
c:\windows\system32\service\04082011_TIS17_SfFniAU.log
c:\windows\system32\service\04122010_TIS17_SfFniAU.log
c:\windows\system32\service\05022011_TIS17_SfFniAU.log
c:\windows\system32\service\08102010_TIS17_SfFniAU.log
c:\windows\system32\service\09062011_TIS17_SfFniAU.log
c:\windows\system32\service\09102010_TIS17_PccScan.log
c:\windows\system32\service\11032012_TIS17_SfFniAU.log
c:\windows\system32\service\12012011_TIS17_SfFniAU.log
c:\windows\system32\service\12082011_TIS17_SfFniAU.log
c:\windows\system32\service\12122010_TIS17_PccScan.log
c:\windows\system32\service\13122011_TIS17_SfFniAU.log
c:\windows\system32\service\14122011_TIS17_SfFniAU.log
c:\windows\system32\service\15012013_TIS17_SfFniAU.log
c:\windows\system32\service\15122011_TIS17_SfFniAU.log
c:\windows\system32\service\16012013_TIS17_SfFniAU.log
c:\windows\system32\service\16032012_TIS17_SfFniAU.log
c:\windows\system32\service\16042012_TIS17_SfFniAU.log
c:\windows\system32\service\16082011_TIS17_SfFniAU.log
c:\windows\system32\service\17112010_TIS17_PccScan.log
c:\windows\system32\service\18122010_TIS17_SfFniAU.log
c:\windows\system32\service\19032011_TIS17_SfFniAU.log
c:\windows\system32\service\20122011_TIS17_SfFniAU.log
c:\windows\system32\service\21072012_TIS17_SfFniAU.log
c:\windows\system32\service\21122011_TIS17_SfFniAU.log
c:\windows\system32\service\22012012_TIS17_SfFniAU.log
c:\windows\system32\service\22022011_TIS17_SfFniAU.log
c:\windows\system32\service\22082012_TIS17_SfFniAU.log
c:\windows\system32\service\23012011_TIS17_SfFniAU.log
c:\windows\system32\service\24022011_TIS17_SfFniAU.log
c:\windows\system32\service\24122010_TIS17_SfFniAU.log
c:\windows\system32\service\25062012_TIS17_SfFniAU.log
c:\windows\system32\service\25082011_TIS17_SfFniAU.log
c:\windows\system32\service\25112010_TIS17_SfFniAU.log
c:\windows\system32\service\26022013_TIS17_SfFniAU.log
c:\windows\system32\service\26052012_TIS17_SfFniAU.log
c:\windows\system32\service\28042012_TIS17_SfFniAU.log
c:\windows\system32\service\28062011_TIS17_SfFniAU.log
c:\windows\system32\service\29102010_TIS17_PccScan.log
c:\windows\system32\service\29102010_TIS17_SfFniAU.log
c:\windows\system32\service\30052011_TIS17_SfFniAU.log
c:\windows\system32\service\31012011_TIS17_SfFniAU.log
c:\windows\system32\service\31012012_TIS17_SfFniAU.log
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_bProtector
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-13 do 2013-04-13 )))))))))))))))))))))))))))))))
.
.
2013-04-13 18:33 . 2013-04-13 18:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-13 18:08 . 2013-03-19 03:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A1B84DE-0FDA-47B3-9A62-FEDCC8F54D5E}\mpengine.dll
2013-04-13 18:08 . 2013-03-11 23:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 15:12 . 2013-04-13 15:13 -------- d-----w- c:\program files\trend micro
2013-04-13 15:12 . 2013-04-13 15:14 -------- d-----w- C:\rsit
2013-04-12 11:20 . 2013-03-01 03:11 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-04-12 11:20 . 2013-01-24 04:51 195816 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-12 11:20 . 2013-03-19 05:06 3958120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-12 11:20 . 2013-03-19 05:06 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-12 11:20 . 2013-03-19 04:54 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-12 11:20 . 2013-03-19 02:50 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-12 11:20 . 2013-02-12 15:13 2691072 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 11:20 . 2013-02-12 15:07 131072 ----a-w- c:\windows\system32\aaclient.dll
2013-04-12 11:20 . 2013-02-12 13:59 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-03-25 16:45 . 2013-03-25 16:45 -------- d-----w- c:\users\Uživatel\AppData\Local\Macromedia
2013-03-25 16:41 . 2013-03-25 16:44 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-21 11:03 . 2013-03-21 11:03 -------- d-----w- c:\windows\system32\EventProviders
2013-03-20 20:36 . 2013-02-12 13:51 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-25 16:44 . 2011-11-30 13:38 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-03 23:30 . 2013-02-03 23:30 0 ----a-w- c:\windows\system32\sho6A67.tmp
2013-04-13 08:50 . 2013-04-13 08:50 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2012-11-06 13:01 183112 ----a-w- c:\program files\DVDVideoSoftTB\prxtbDVD2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{DAEB9E85-4694-4F9B-85CB-2F28987872D7}]
2013-02-27 23:14 109568 ----a-w- c:\program files\AutoLyrics\autolrcs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-01-07 446648]
"Akamai NetSession Interface"="c:\users\Uživatel\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
"GameXN GO"="c:\programdata\GameXN\GameXNGO.exe" [2012-03-16 347008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"HotkeyMon"="AsusSender.exe" [2010-03-03 29184]
"HotkeyService"="AsusSender.exe" [2010-03-03 29184]
"SuperHybridEngine"="AsusSender.exe" [2010-03-03 29184]
"LiveUpdate"="AsusSender.exe" [2010-03-03 29184]
"CapsHook"="AsusSender.exe" [2010-03-03 29184]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-03-29 415920]
"ASUS WebStorage"="c:\program files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-27 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-27 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-27 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-27 9177632]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-13 1594664]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-06-28 2018032]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2010-04-13 83240]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Iminent"="c:\program files\Iminent\Iminent.exe" [2013-01-25 1074736]
"IminentMessenger"="c:\program files\Iminent\Iminent.Messengers.exe" [2013-01-25 884784]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 795936]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 SProtection;SProtection;c:\program files\Common Files\Umbrella\umbrella.exe [x]
S2 SrvUpdater;Software Updater;c:\program files\SoftwareUpdater\UpdaterService.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-25 16:44]
.
2013-04-13 c:\windows\Tasks\Auto Lyrics Update.job
- c:\program files\AutoLyrics\AutoLyricsUpdater.exe [2013-02-27 23:14]
.
2013-04-13 c:\windows\Tasks\PC Performer_DEFAULT.job
- c:\program files\PC Performer\PCPerformer.exe [2012-06-04 13:47]
.
2013-03-27 c:\windows\Tasks\PC Performer_UPDATES.job
- c:\program files\PC Performer\PCPerformer.exe [2012-06-04 13:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119394&babs ... cf304d2a3d
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = proxy.abdn.ac.uk:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\qsvkxj7g.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?AF=110393&babsrc=HP_ss&mntrId=943cc2ab00000000000074f06d71f2e8
FF - ExtSQL: 2013-03-03 17:23; autolyrics@man-soft.net; c:\program files\AutoLyrics\FF
FF - ExtSQL: 2013-03-04 20:12; webbooster@iminent.com; c:\program files\Iminent\webbooster@iminent.com
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{dd02a4eb-4afd-4d60-99d8-e67f964ca813} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - (no file)
HKLM-Run-EeeSplendidAgent - c:\program files\ASUS\EPC\EeeSplendid\AsAgent.exe
AddRemove-IMBoosterARP - c:\program files\Iminent\inst\Bootstrapper\Bootstrapper.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1192)
c:\progra~1\ASUS\ASUSWE~1\service\ASUSWS~1.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\taskhost.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-04-13 20:43:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-13 18:43
.
Před spuštěním: 6 526 836 736
Po spuštění: 6 656 823 296
.
- - End Of File - - 814AA82246CDAF5AF992FCEFD621FDD6
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomalé PC
No konečně, cos tam tak dlouho prováděl? 
Přesuň prosím ComboFix přímo na kořenový disk C:\. Máš jméno PC Uživatel a s češtinou si ComboFix neporadí!
- Otevři si Poznámkový blok (Start >> Spustit... (nebo Win+R) >> do okénka napiš notepad >> stiskni [Enter]).
- Zkopíruj do něj tento script (pouze zelená písmenka v bílém poli!):
Kód: Vybrat vše
KillAll::
File::
c:\windows\system32\sho6A67.tmp
c:\program files\DVDVideoSoftTB\prxtbDVD2.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\Auto Lyrics Update.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1368155687-1681476967-2444974585-1000Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1368155687-1681476967-2444974585-1000UA.job
C:\windows\tasks\PC Performer_DEFAULT.job
C:\windows\tasks\PC Performer_UPDATES.job
Folder::
c:\users\Uživatel\AppData\Local\Akamai
c:\program files\Iminent
c:\program files\McAfee Security Scan
c:\programdata\IBUpdaterService
c:\program files\Common Files\Umbrella
c:\program files\SoftwareUpdater
Driver::
SkypeUpdate
McComponentHostService
IBUpdaterService
Skype C2C Service
SProtection
SrvUpdater
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"=-
[-HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DAEB9E85-4694-4F9B-85CB-2F28987872D7}]
[-HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
"Akamai NetSession Interface"=-
"GameXN GO"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=-
"HotKeysCmds"=-
"Persistence"=-
"ASUSPRP"=-
"DivXUpdate"=-
"QuickTime Task"=-
"iTunesHelper"=-
"SunJavaUpdateSched"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"Iminent"=-
"IminentMessenger"=-
DDS::
uStart Page = hxxp://www.delta-search.com/?affID=1193 ... cf304d2a3d
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = proxy.abdn.ac.uk:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Firefox::
FF - ProfilePath - c:\users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\qsvkxj7g.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?AF=110393&ba ... f06d71f2e8
FF - ExtSQL: 2013-03-03 17:23; autolyrics@man-soft.net; c:\program files\AutoLyrics\FF
FF - ExtSQL: 2013-03-04 20:12; webbooster@iminent.com; c:\program files\Iminent\webbooster@iminent.com
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
ClearJavaCache::
AtJob::
Reboot::- Ulož vytvořený TXT jako CFScript.txt
- Přetáhni vytvořený CFScript.txt nad ComboFix a pusť (viz obrázek).
- Po aplikaci scriptu (a případném restartu PC) na Tebe vyskočí log. Jeho obsah mi sem vlož.
Může se stát, že po aplikaci scriptu nenaběhnou Windows. V tom případě restartuj PC, hned při náběhu mačkej klávesu F8 a zvol Poslední známou konfiguraci.--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomalé PC
ComboFix 13-04-12.02 - Uživatel 14.04.2013 15:50:32.2.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.1014.298 [GMT 2:00]
Spuštěný z: c:\users\U×ivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\U×ivatel\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-14 do 2013-04-14 )))))))))))))))))))))))))))))))
.
.
2013-04-14 14:06 . 2013-04-14 14:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-14 12:58 . 2013-04-14 14:01 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A1B84DE-0FDA-47B3-9A62-FEDCC8F54D5E}\offreg.dll
2013-04-14 12:48 . 2013-04-14 12:48 -------- d-----w- c:\windows\system32\SPReview
2013-04-14 11:59 . 2013-04-14 11:59 -------- d-----w- c:\programdata\McAfee
2013-04-14 11:55 . 2013-04-14 11:55 -------- d-----w- c:\program files\Common Files\Java
2013-04-14 11:55 . 2013-04-14 11:54 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-14 11:54 . 2013-04-14 11:54 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-14 11:54 . 2013-04-14 11:54 -------- d-----w- c:\program files\Java
2013-04-13 18:08 . 2013-03-19 03:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A1B84DE-0FDA-47B3-9A62-FEDCC8F54D5E}\mpengine.dll
2013-04-13 18:08 . 2013-03-11 23:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 15:12 . 2013-04-13 15:13 -------- d-----w- c:\program files\trend micro
2013-04-13 15:12 . 2013-04-13 15:14 -------- d-----w- C:\rsit
2013-04-12 11:20 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-12 11:20 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-12 11:20 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-12 11:20 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-12 11:20 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-12 11:20 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-12 11:20 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 11:20 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
2013-04-12 11:20 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-03-25 16:45 . 2013-03-25 16:45 -------- d-----w- c:\users\Uživatel\AppData\Local\Macromedia
2013-03-25 16:41 . 2013-03-25 16:44 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-21 11:03 . 2013-03-21 11:03 -------- d-----w- c:\windows\system32\EventProviders
2013-03-20 20:36 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-14 13:09 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-04-14 11:54 . 2012-04-08 16:00 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-25 16:44 . 2011-11-30 13:38 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-03 23:30 . 2013-02-03 23:30 0 ----a-w- c:\windows\system32\sho6A67.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2012-11-06 13:01 183112 ----a-w- c:\program files\DVDVideoSoftTB\prxtbDVD2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{DAEB9E85-4694-4F9B-85CB-2F28987872D7}]
2013-02-27 23:14 109568 ----a-w- c:\program files\AutoLyrics\autolrcs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-01-07 446648]
"Akamai NetSession Interface"="c:\users\Uživatel\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"HotkeyMon"="AsusSender.exe" [2010-03-03 29184]
"HotkeyService"="AsusSender.exe" [2010-03-03 29184]
"SuperHybridEngine"="AsusSender.exe" [2010-03-03 29184]
"LiveUpdate"="AsusSender.exe" [2010-03-03 29184]
"CapsHook"="AsusSender.exe" [2010-03-03 29184]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-03-29 415920]
"ASUS WebStorage"="c:\program files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-27 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-27 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-27 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-27 9177632]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-13 1594664]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-06-28 2018032]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2010-04-13 83240]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Iminent"="c:\program files\Iminent\Iminent.exe" [2013-01-25 1074736]
"IminentMessenger"="c:\program files\Iminent\Iminent.Messengers.exe" [2013-01-25 884784]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-04-14 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SProtection;SProtection;c:\program files\Common Files\Umbrella\umbrella.exe [x]
S2 SrvUpdater;Software Updater;c:\program files\SoftwareUpdater\UpdaterService.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-25 16:44]
.
2013-04-14 c:\windows\Tasks\Auto Lyrics Update.job
- c:\program files\AutoLyrics\AutoLyricsUpdater.exe [2013-02-27 23:14]
.
2013-04-14 c:\windows\Tasks\PC Performer_DEFAULT.job
- c:\program files\PC Performer\PCPerformer.exe [2012-06-04 13:47]
.
2013-03-27 c:\windows\Tasks\PC Performer_UPDATES.job
- c:\program files\PC Performer\PCPerformer.exe [2012-06-04 13:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119394&babs ... cf304d2a3d
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = proxy.abdn.ac.uk:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-GameXN GO - c:\programdata\GameXN\GameXNGO.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5876)
c:\progra~1\ASUS\ASUSWE~1\service\ASUSWS~1.DLL
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
.
Celkový čas: 2013-04-14 16:11:54
ComboFix-quarantined-files.txt 2013-04-14 14:11
ComboFix2.txt 2013-04-13 18:43
.
Před spuštěním: 9 661 493 248
Po spuštění: 9 585 283 072
.
- - End Of File - - AFED026E0FA02EE0489A311B4F119622
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.1014.298 [GMT 2:00]
Spuštěný z: c:\users\U×ivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\U×ivatel\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-14 do 2013-04-14 )))))))))))))))))))))))))))))))
.
.
2013-04-14 14:06 . 2013-04-14 14:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-14 12:58 . 2013-04-14 14:01 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A1B84DE-0FDA-47B3-9A62-FEDCC8F54D5E}\offreg.dll
2013-04-14 12:48 . 2013-04-14 12:48 -------- d-----w- c:\windows\system32\SPReview
2013-04-14 11:59 . 2013-04-14 11:59 -------- d-----w- c:\programdata\McAfee
2013-04-14 11:55 . 2013-04-14 11:55 -------- d-----w- c:\program files\Common Files\Java
2013-04-14 11:55 . 2013-04-14 11:54 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-14 11:54 . 2013-04-14 11:54 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-14 11:54 . 2013-04-14 11:54 -------- d-----w- c:\program files\Java
2013-04-13 18:08 . 2013-03-19 03:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A1B84DE-0FDA-47B3-9A62-FEDCC8F54D5E}\mpengine.dll
2013-04-13 18:08 . 2013-03-11 23:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 15:12 . 2013-04-13 15:13 -------- d-----w- c:\program files\trend micro
2013-04-13 15:12 . 2013-04-13 15:14 -------- d-----w- C:\rsit
2013-04-12 11:20 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-12 11:20 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-12 11:20 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-12 11:20 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-12 11:20 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-12 11:20 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-12 11:20 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 11:20 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
2013-04-12 11:20 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-03-25 16:45 . 2013-03-25 16:45 -------- d-----w- c:\users\Uživatel\AppData\Local\Macromedia
2013-03-25 16:41 . 2013-03-25 16:44 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-21 11:03 . 2013-03-21 11:03 -------- d-----w- c:\windows\system32\EventProviders
2013-03-20 20:36 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-14 13:09 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-04-14 11:54 . 2012-04-08 16:00 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-25 16:44 . 2011-11-30 13:38 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-03 23:30 . 2013-02-03 23:30 0 ----a-w- c:\windows\system32\sho6A67.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2012-11-06 13:01 183112 ----a-w- c:\program files\DVDVideoSoftTB\prxtbDVD2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{DAEB9E85-4694-4F9B-85CB-2F28987872D7}]
2013-02-27 23:14 109568 ----a-w- c:\program files\AutoLyrics\autolrcs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-01-07 446648]
"Akamai NetSession Interface"="c:\users\Uživatel\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"HotkeyMon"="AsusSender.exe" [2010-03-03 29184]
"HotkeyService"="AsusSender.exe" [2010-03-03 29184]
"SuperHybridEngine"="AsusSender.exe" [2010-03-03 29184]
"LiveUpdate"="AsusSender.exe" [2010-03-03 29184]
"CapsHook"="AsusSender.exe" [2010-03-03 29184]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-03-29 415920]
"ASUS WebStorage"="c:\program files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-27 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-27 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-27 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-27 9177632]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-13 1594664]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-06-28 2018032]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2010-04-13 83240]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Iminent"="c:\program files\Iminent\Iminent.exe" [2013-01-25 1074736]
"IminentMessenger"="c:\program files\Iminent\Iminent.Messengers.exe" [2013-01-25 884784]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-04-14 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SProtection;SProtection;c:\program files\Common Files\Umbrella\umbrella.exe [x]
S2 SrvUpdater;Software Updater;c:\program files\SoftwareUpdater\UpdaterService.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-25 16:44]
.
2013-04-14 c:\windows\Tasks\Auto Lyrics Update.job
- c:\program files\AutoLyrics\AutoLyricsUpdater.exe [2013-02-27 23:14]
.
2013-04-14 c:\windows\Tasks\PC Performer_DEFAULT.job
- c:\program files\PC Performer\PCPerformer.exe [2012-06-04 13:47]
.
2013-03-27 c:\windows\Tasks\PC Performer_UPDATES.job
- c:\program files\PC Performer\PCPerformer.exe [2012-06-04 13:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119394&babs ... cf304d2a3d
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = proxy.abdn.ac.uk:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-GameXN GO - c:\programdata\GameXN\GameXNGO.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5876)
c:\progra~1\ASUS\ASUSWE~1\service\ASUSWS~1.DLL
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
.
Celkový čas: 2013-04-14 16:11:54
ComboFix-quarantined-files.txt 2013-04-14 14:11
ComboFix2.txt 2013-04-13 18:43
.
Před spuštěním: 9 661 493 248
Po spuštění: 9 585 283 072
.
- - End Of File - - AFED026E0FA02EE0489A311B4F119622
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomalé PC
Nepřesunul jsi ComboFix do kořenového adresáře C:\, jak jsem Ti psal!! Čti mi ty návody pořádně, nebo se Ti na to vybodnu. Tak znova...--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomalé PC
ComboFix 13-04-12.02 - Uživatel 14.04.2013 16:30:14.3.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.1014.354 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\DVDVideoSoftTB\prxtbDVD2.dll"
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk"
"c:\windows\system32\sho6A67.tmp"
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\Auto Lyrics Update.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1368155687-1681476967-2444974585-1000Core.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1368155687-1681476967-2444974585-1000UA.job"
"c:\windows\tasks\PC Performer_DEFAULT.job"
"c:\windows\tasks\PC Performer_UPDATES.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Umbrella
c:\program files\Common Files\Umbrella\umbrella.exe
c:\program files\Iminent
c:\program files\Iminent\de\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\de\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\de\Iminent.Messengers.resources.dll
c:\program files\Iminent\de\Iminent.resources.dll
c:\program files\Iminent\de\Iminent.Services.resources.dll
c:\program files\Iminent\de\Microsoft.Expression.Interactions.resources.dll
c:\program files\Iminent\de\System.Windows.Interactivity.resources.dll
c:\program files\Iminent\en\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\en\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\en\Iminent.Messengers.resources.dll
c:\program files\Iminent\en\Iminent.resources.dll
c:\program files\Iminent\en\Iminent.Services.resources.dll
c:\program files\Iminent\en\Microsoft.Expression.Interactions.resources.dll
c:\program files\Iminent\en\System.Windows.Interactivity.resources.dll
c:\program files\Iminent\es\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\es\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\es\Iminent.Messengers.resources.dll
c:\program files\Iminent\es\Iminent.resources.dll
c:\program files\Iminent\es\Iminent.Services.resources.dll
c:\program files\Iminent\es\Microsoft.Expression.Interactions.resources.dll
c:\program files\Iminent\es\System.Windows.Interactivity.resources.dll
c:\program files\Iminent\f_in_box.dll
c:\program files\Iminent\fr\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\fr\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\fr\Iminent.Messengers.resources.dll
c:\program files\Iminent\fr\Iminent.resources.dll
c:\program files\Iminent\fr\Iminent.Services.resources.dll
c:\program files\Iminent\fr\Microsoft.Expression.Interactions.resources.dll
c:\program files\Iminent\fr\System.Windows.Interactivity.resources.dll
c:\program files\Iminent\Iminent.AxImp.dll
c:\program files\Iminent\Iminent.Booster.UI.dll
c:\program files\Iminent\Iminent.Business.Connect.dll
c:\program files\Iminent\Iminent.Business.dll
c:\program files\Iminent\Iminent.Business.tlb
c:\program files\Iminent\Iminent.Entity.dll
c:\program files\Iminent\Iminent.exe
c:\program files\Iminent\Iminent.exe.config
c:\program files\Iminent\Iminent.InstallLog
c:\program files\Iminent\Iminent.InstallState
c:\program files\Iminent\Iminent.Mediator.ActivePlayers.dll
c:\program files\Iminent\Iminent.Mediator.dll
c:\program files\Iminent\Iminent.Mediator.tlb
c:\program files\Iminent\Iminent.Messengers.exe
c:\program files\Iminent\Iminent.Messengers.exe.config
c:\program files\Iminent\Iminent.Services.dll
c:\program files\Iminent\Iminent.WebBooster.InternetExplorer.dll
c:\program files\Iminent\Iminent.WinCore.dll
c:\program files\Iminent\Iminent.WinCore.WLM.WinEvents.dll
c:\program files\Iminent\Iminent.WinCore.WLM15.dll
c:\program files\Iminent\Iminent.WinCore.Yahoo.dll
c:\program files\Iminent\Iminent.Windows.dll
c:\program files\Iminent\Iminent.Workflow.dll
c:\program files\Iminent\inst\main.ico
c:\program files\Iminent\inst\msacm32.dll
c:\program files\Iminent\inst\SearchTheWeb.ico
c:\program files\Iminent\it\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\it\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\it\Iminent.Messengers.resources.dll
c:\program files\Iminent\it\Iminent.resources.dll
c:\program files\Iminent\it\Iminent.Services.resources.dll
c:\program files\Iminent\it\Microsoft.Expression.Interactions.resources.dll
c:\program files\Iminent\it\System.Windows.Interactivity.resources.dll
c:\program files\Iminent\Microsoft.DirectX.AudioVideoPlayback.dll
c:\program files\Iminent\Microsoft.Expression.Interactions.dll
c:\program files\Iminent\ro\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\ro\Iminent.Messengers.resources.dll
c:\program files\Iminent\ro\Iminent.Services.resources.dll
c:\program files\Iminent\System.Data.SQLite.dll
c:\program files\Iminent\System.Data.SQLite.xml
c:\program files\Iminent\System.Windows.Interactivity.dll
c:\program files\Iminent\System.Windows.Interactivity.xml
c:\program files\Iminent\tr\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\tr\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\tr\Iminent.Messengers.resources.dll
c:\program files\Iminent\tr\Iminent.resources.dll
c:\program files\Iminent\tr\Iminent.Services.resources.dll
c:\program files\Iminent\webbooster@iminent.com\defaults\preferences\prefs.js
c:\program files\Iminent\webbooster@iminent.com\chrome.manifest
c:\program files\Iminent\webbooster@iminent.com\chrome\content\browser.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\browser.xul
c:\program files\Iminent\webbooster@iminent.com\chrome\content\config.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\01net.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\amazon.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\antronio.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ask.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\autoscout.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\avmagazine.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\banners-test.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\basecamphq.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\blog.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\blogger.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\bomnegocio.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ciao.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\conduit.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\craigslist.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\dailymotion.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\dailymotion.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\lokalisten.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\lokalisten.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\schueler.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\schueler.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\stayfriends.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\stayfriends.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\studivz.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\studivz.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\wer-kennt-wen.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\wer-kennt-wen.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\diretta.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\drivingitalia.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ebay.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ebayit.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ehow.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\everyeye.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\facebook.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\facebook.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\flickr.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\forum.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\forumVB.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\foxsports.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\france_hardware.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\friv.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\gamekult.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\gamesvillage.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\globo.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\google-map.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\google-map.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\guiadohardware.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\gumtree.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\hardware.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\hi5.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\hi5.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ilmeteo.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\imdb.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\imdb.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\infos_du_net.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\jappy.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\leboncoin.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\libero.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\lokalisten.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\macitynet.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\marca.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\meebo.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\meebo.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\meteonetwork.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\milanuncios.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\movie2k.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\mundoanuncio.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\myspace.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\myspace.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\netlog.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\nexopia.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\nexopia.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\nirvam.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ohmydollz.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\orkut.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\orkut.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\pagesjaunes.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\photobucket.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\pinterest.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\poptropica.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\segundamano.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\shopping.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\schueler.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\skype.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\skyrock.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\subito.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\t-online.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\t-online.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\tagged.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\taringa.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\taringa.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\terra.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\tibiabr.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\tiscali.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\tripadvisor.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\twitter.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\twitter.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\uol.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\v9.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\virgilio.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\voila.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\weather.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\web.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\aol.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\aol.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\gmail.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\gmail.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\hotmail.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\hotmail.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\orange.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\outlook.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\wordpress.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\wp-admin.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\xvideos.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\yahoo.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\yahoo.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\yammer.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\yellowpages.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\yelp.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\youtube.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\youtube.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\advertising\AdFrame.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\advertising\adsmanagement.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\advertising\rmx.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\config.xml
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\led_background.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\blink.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\flip.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\led.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\rainbow.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\typed.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\wave.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\blink.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\flip.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\led.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\rainbow.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\typed.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\wave.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\arrow.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\ArrowExpandBar.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\BkgExpandBar.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\btnPinterest.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\close.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\default_icon.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\default_icon_states.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\E29ABD.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\E29BB5.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8C99.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8C9F.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8CB9.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8D80.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8DBB.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8E81.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8E89.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8EB1.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8EB6.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8EB8.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F908D.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90A7.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90AC.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90AE.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90AF.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B0.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B1.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B4.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B6.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B7.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B9.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F918C.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F918D.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F918E.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F91BD.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9280.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9284.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F928B.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F928D.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F928F.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9293.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9294.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9297.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9299.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F929B.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F929C.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F929D.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F92A4.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F92A9.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F92AA.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F93B1.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F94A5.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9881.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9882.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9884.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9889.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F988A.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F988C.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F988D.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9892.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9893.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9894.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9896.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9898.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F989A.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F989C.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F98A1.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F98AD.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F98B2.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F98B3.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9A97.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9ABD.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\Expand-26x24.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\FB_Share.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\FB_Share_Tiny.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\fbcoverimage.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\fbimagenotheater.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\fbimageview.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\gifts.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\googleimagesbutton.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\googleimagesbuttonNEW.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\help.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\home.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\imbwin_bg.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\imbwin_hf.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\imbwin_vf.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\imbwin1.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\imbwin1_409daae67f73f4fb84c27d6d70463f2b.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\iminentbutton.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\iminentbutton_bg.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\InviteFriends.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\LeftExpandBar.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\leftTooltip.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\Line.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\Line2.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\mailfooter.jpg
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\Minibar_buttons.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\new.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\notification.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\RightExpandBar.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\rightTooltip.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\s10.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\search.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\separator.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\social_games.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\TellAFriendBackground.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\toolbar_bg.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\toolbarbutton_bg.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\tooltipArrow.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\ui-check-box-checked.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\ui-check-box.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1031.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1033.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1036.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1040.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1048.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1055.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\2070.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\3082.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\ShareMenu.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\minibar.min.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\template.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\scriptExtender.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\scriptInjector.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\utils.js
c:\program files\Iminent\webbooster@iminent.com\install.rdf
c:\program files\Iminent\WPFLocalizeExtension.dll
c:\program files\Iminent\WPFLocalizeExtension.xml
c:\program files\SoftwareUpdater
c:\program files\SoftwareUpdater\AppsUpdater.exe
c:\program files\SoftwareUpdater\AppsUpdater.exe.config
c:\program files\SoftwareUpdater\config.xml
c:\program files\SoftwareUpdater\Interop.Shell32.dll
c:\program files\SoftwareUpdater\KeyGen.dll
c:\program files\SoftwareUpdater\translations.xml
c:\program files\SoftwareUpdater\uninstall.exe
c:\program files\SoftwareUpdater\UpdaterService.exe
c:\programdata\IBUpdaterService
c:\programdata\IBUpdaterService\ibsvc.exe
c:\programdata\IBUpdaterService\repository.xml
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_IBUpdaterService
-------\Service_Skype C2C Service
-------\Service_SkypeUpdate
-------\Service_SProtection
-------\Service_SrvUpdater
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-14 do 2013-04-14 )))))))))))))))))))))))))))))))
.
.
2013-04-14 14:47 . 2013-04-14 14:50 -------- d-----w- c:\users\Uživatel\AppData\Local\temp
2013-04-14 14:47 . 2013-04-14 14:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-14 14:15 . 2013-04-14 14:15 -------- d-----w- c:\users\Uživatel\AppData\Roaming\WinRAR
2013-04-14 12:58 . 2013-04-14 14:01 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A1B84DE-0FDA-47B3-9A62-FEDCC8F54D5E}\offreg.dll
2013-04-14 12:48 . 2013-04-14 12:48 -------- d-----w- c:\windows\system32\SPReview
2013-04-14 11:59 . 2013-04-14 11:59 -------- d-----w- c:\programdata\McAfee
2013-04-14 11:55 . 2013-04-14 11:55 -------- d-----w- c:\program files\Common Files\Java
2013-04-14 11:55 . 2013-04-14 11:54 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-14 11:54 . 2013-04-14 11:54 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-14 11:54 . 2013-04-14 11:54 -------- d-----w- c:\program files\Java
2013-04-13 18:08 . 2013-03-19 03:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A1B84DE-0FDA-47B3-9A62-FEDCC8F54D5E}\mpengine.dll
2013-04-13 18:08 . 2013-03-11 23:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 15:12 . 2013-04-13 15:13 -------- d-----w- c:\program files\trend micro
2013-04-13 15:12 . 2013-04-13 15:14 -------- d-----w- C:\rsit
2013-04-12 11:20 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-12 11:20 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-12 11:20 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-12 11:20 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-12 11:20 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-12 11:20 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-12 11:20 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 11:20 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
2013-04-12 11:20 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-03-25 16:45 . 2013-03-25 16:45 -------- d-----w- c:\users\Uživatel\AppData\Local\Macromedia
2013-03-25 16:41 . 2013-03-25 16:44 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-21 11:03 . 2013-03-21 11:03 -------- d-----w- c:\windows\system32\EventProviders
2013-03-20 20:36 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-14 13:09 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-04-14 11:54 . 2012-04-08 16:00 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-25 16:44 . 2011-11-30 13:38 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-03 23:30 . 2013-02-03 23:30 0 ----a-w- c:\windows\system32\sho6A67.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-01-07 446648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"HotkeyMon"="AsusSender.exe" [2010-03-03 29184]
"HotkeyService"="AsusSender.exe" [2010-03-03 29184]
"SuperHybridEngine"="AsusSender.exe" [2010-03-03 29184]
"LiveUpdate"="AsusSender.exe" [2010-03-03 29184]
"CapsHook"="AsusSender.exe" [2010-03-03 29184]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-03-29 415920]
"ASUS WebStorage"="c:\program files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-27 9177632]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-13 1594664]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2010-04-13 83240]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-04-14 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-25 16:44]
.
2013-04-14 c:\windows\Tasks\Auto Lyrics Update.job
- c:\program files\AutoLyrics\AutoLyricsUpdater.exe [2013-02-27 23:14]
.
.
------- Doplňkový sken -------
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SoftwareUpdater - c:\program files\SoftwareUpdater\uninstall.exe
AddRemove-Updater Service - c:\programdata\IBUpdaterService\ibsvc.exe
.
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(768)
c:\progra~1\ASUS\ASUSWE~1\service\ASUSWS~1.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\taskhost.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\windows\system32\sppsvc.exe
c:\program files\Internet Explorer\IELowutil.exe
.
**************************************************************************
.
Celkový čas: 2013-04-14 16:55:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-14 14:55
ComboFix2.txt 2013-04-14 14:11
ComboFix3.txt 2013-04-13 18:43
.
Před spuštěním: Volných bajtů: 11 404 697 600
Po spuštění: Volných bajtů: 11 325 652 992
.
- - End Of File - - 1BFF7B6F37C55A18370140500B6FA77F
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.1014.354 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\DVDVideoSoftTB\prxtbDVD2.dll"
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk"
"c:\windows\system32\sho6A67.tmp"
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\Auto Lyrics Update.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1368155687-1681476967-2444974585-1000Core.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1368155687-1681476967-2444974585-1000UA.job"
"c:\windows\tasks\PC Performer_DEFAULT.job"
"c:\windows\tasks\PC Performer_UPDATES.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Umbrella
c:\program files\Common Files\Umbrella\umbrella.exe
c:\program files\Iminent
c:\program files\Iminent\de\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\de\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\de\Iminent.Messengers.resources.dll
c:\program files\Iminent\de\Iminent.resources.dll
c:\program files\Iminent\de\Iminent.Services.resources.dll
c:\program files\Iminent\de\Microsoft.Expression.Interactions.resources.dll
c:\program files\Iminent\de\System.Windows.Interactivity.resources.dll
c:\program files\Iminent\en\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\en\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\en\Iminent.Messengers.resources.dll
c:\program files\Iminent\en\Iminent.resources.dll
c:\program files\Iminent\en\Iminent.Services.resources.dll
c:\program files\Iminent\en\Microsoft.Expression.Interactions.resources.dll
c:\program files\Iminent\en\System.Windows.Interactivity.resources.dll
c:\program files\Iminent\es\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\es\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\es\Iminent.Messengers.resources.dll
c:\program files\Iminent\es\Iminent.resources.dll
c:\program files\Iminent\es\Iminent.Services.resources.dll
c:\program files\Iminent\es\Microsoft.Expression.Interactions.resources.dll
c:\program files\Iminent\es\System.Windows.Interactivity.resources.dll
c:\program files\Iminent\f_in_box.dll
c:\program files\Iminent\fr\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\fr\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\fr\Iminent.Messengers.resources.dll
c:\program files\Iminent\fr\Iminent.resources.dll
c:\program files\Iminent\fr\Iminent.Services.resources.dll
c:\program files\Iminent\fr\Microsoft.Expression.Interactions.resources.dll
c:\program files\Iminent\fr\System.Windows.Interactivity.resources.dll
c:\program files\Iminent\Iminent.AxImp.dll
c:\program files\Iminent\Iminent.Booster.UI.dll
c:\program files\Iminent\Iminent.Business.Connect.dll
c:\program files\Iminent\Iminent.Business.dll
c:\program files\Iminent\Iminent.Business.tlb
c:\program files\Iminent\Iminent.Entity.dll
c:\program files\Iminent\Iminent.exe
c:\program files\Iminent\Iminent.exe.config
c:\program files\Iminent\Iminent.InstallLog
c:\program files\Iminent\Iminent.InstallState
c:\program files\Iminent\Iminent.Mediator.ActivePlayers.dll
c:\program files\Iminent\Iminent.Mediator.dll
c:\program files\Iminent\Iminent.Mediator.tlb
c:\program files\Iminent\Iminent.Messengers.exe
c:\program files\Iminent\Iminent.Messengers.exe.config
c:\program files\Iminent\Iminent.Services.dll
c:\program files\Iminent\Iminent.WebBooster.InternetExplorer.dll
c:\program files\Iminent\Iminent.WinCore.dll
c:\program files\Iminent\Iminent.WinCore.WLM.WinEvents.dll
c:\program files\Iminent\Iminent.WinCore.WLM15.dll
c:\program files\Iminent\Iminent.WinCore.Yahoo.dll
c:\program files\Iminent\Iminent.Windows.dll
c:\program files\Iminent\Iminent.Workflow.dll
c:\program files\Iminent\inst\main.ico
c:\program files\Iminent\inst\msacm32.dll
c:\program files\Iminent\inst\SearchTheWeb.ico
c:\program files\Iminent\it\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\it\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\it\Iminent.Messengers.resources.dll
c:\program files\Iminent\it\Iminent.resources.dll
c:\program files\Iminent\it\Iminent.Services.resources.dll
c:\program files\Iminent\it\Microsoft.Expression.Interactions.resources.dll
c:\program files\Iminent\it\System.Windows.Interactivity.resources.dll
c:\program files\Iminent\Microsoft.DirectX.AudioVideoPlayback.dll
c:\program files\Iminent\Microsoft.Expression.Interactions.dll
c:\program files\Iminent\ro\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\ro\Iminent.Messengers.resources.dll
c:\program files\Iminent\ro\Iminent.Services.resources.dll
c:\program files\Iminent\System.Data.SQLite.dll
c:\program files\Iminent\System.Data.SQLite.xml
c:\program files\Iminent\System.Windows.Interactivity.dll
c:\program files\Iminent\System.Windows.Interactivity.xml
c:\program files\Iminent\tr\Iminent.Booster.UI.resources.dll
c:\program files\Iminent\tr\Iminent.Business.Connect.resources.dll
c:\program files\Iminent\tr\Iminent.Messengers.resources.dll
c:\program files\Iminent\tr\Iminent.resources.dll
c:\program files\Iminent\tr\Iminent.Services.resources.dll
c:\program files\Iminent\webbooster@iminent.com\defaults\preferences\prefs.js
c:\program files\Iminent\webbooster@iminent.com\chrome.manifest
c:\program files\Iminent\webbooster@iminent.com\chrome\content\browser.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\browser.xul
c:\program files\Iminent\webbooster@iminent.com\chrome\content\config.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\01net.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\amazon.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\antronio.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ask.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\autoscout.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\avmagazine.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\banners-test.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\basecamphq.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\blog.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\blogger.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\bomnegocio.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ciao.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\conduit.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\craigslist.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\dailymotion.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\dailymotion.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\lokalisten.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\lokalisten.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\schueler.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\schueler.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\stayfriends.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\stayfriends.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\studivz.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\studivz.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\wer-kennt-wen.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\de\wer-kennt-wen.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\diretta.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\drivingitalia.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ebay.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ebayit.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ehow.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\everyeye.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\facebook.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\facebook.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\flickr.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\forum.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\forumVB.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\foxsports.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\france_hardware.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\friv.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\gamekult.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\gamesvillage.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\globo.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\google-map.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\google-map.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\guiadohardware.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\gumtree.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\hardware.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\hi5.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\hi5.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ilmeteo.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\imdb.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\imdb.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\infos_du_net.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\jappy.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\leboncoin.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\libero.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\lokalisten.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\macitynet.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\marca.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\meebo.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\meebo.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\meteonetwork.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\milanuncios.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\movie2k.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\mundoanuncio.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\myspace.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\myspace.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\netlog.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\nexopia.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\nexopia.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\nirvam.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\ohmydollz.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\orkut.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\orkut.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\pagesjaunes.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\photobucket.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\pinterest.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\poptropica.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\segundamano.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\shopping.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\schueler.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\skype.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\skyrock.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\subito.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\t-online.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\t-online.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\tagged.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\taringa.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\taringa.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\terra.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\tibiabr.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\tiscali.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\tripadvisor.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\twitter.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\twitter.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\uol.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\v9.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\virgilio.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\voila.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\weather.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\web.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\aol.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\aol.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\gmail.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\gmail.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\hotmail.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\hotmail.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\orange.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\Webmail\outlook.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\wordpress.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\wp-admin.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\xvideos.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\yahoo.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\yahoo.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\yammer.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\yellowpages.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\yelp.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\youtube.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\adapters\youtube.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\advertising\AdFrame.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\advertising\adsmanagement.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\advertising\rmx.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\config.xml
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\led_background.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\blink.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\flip.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\led.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\rainbow.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\typed.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\off\wave.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\blink.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\flip.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\led.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\rainbow.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\typed.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\fx2\on\wave.gif
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\arrow.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\ArrowExpandBar.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\BkgExpandBar.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\btnPinterest.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\close.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\default_icon.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\default_icon_states.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\E29ABD.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\E29BB5.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8C99.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8C9F.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8CB9.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8D80.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8DBB.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8E81.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8E89.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8EB1.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8EB6.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F8EB8.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F908D.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90A7.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90AC.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90AE.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90AF.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B0.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B1.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B4.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B6.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B7.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F90B9.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F918C.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F918D.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F918E.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F91BD.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9280.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9284.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F928B.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F928D.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F928F.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9293.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9294.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9297.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9299.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F929B.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F929C.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F929D.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F92A4.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F92A9.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F92AA.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F93B1.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F94A5.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9881.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9882.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9884.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9889.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F988A.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F988C.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F988D.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9892.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9893.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9894.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9896.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9898.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F989A.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F989C.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F98A1.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F98AD.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F98B2.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F98B3.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9A97.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\emoji\F09F9ABD.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\Expand-26x24.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\FB_Share.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\FB_Share_Tiny.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\fbcoverimage.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\fbimagenotheater.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\fbimageview.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\gifts.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\googleimagesbutton.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\googleimagesbuttonNEW.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\help.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\home.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\imbwin_bg.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\imbwin_hf.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\imbwin_vf.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\imbwin1.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\imbwin1_409daae67f73f4fb84c27d6d70463f2b.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\iminentbutton.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\iminentbutton_bg.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\InviteFriends.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\LeftExpandBar.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\leftTooltip.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\Line.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\Line2.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\mailfooter.jpg
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\Minibar_buttons.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\new.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\notification.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\RightExpandBar.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\rightTooltip.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\s10.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\search.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\separator.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\social_games.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\TellAFriendBackground.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\toolbar_bg.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\toolbarbutton_bg.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\tooltipArrow.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\ui-check-box-checked.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\content\images\ui-check-box.png
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1031.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1033.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1036.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1040.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1048.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\1055.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\2070.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\3082.html
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\menu_page\ShareMenu.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\minibar.min.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\minibar\template.css
c:\program files\Iminent\webbooster@iminent.com\chrome\content\scriptExtender.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\scriptInjector.js
c:\program files\Iminent\webbooster@iminent.com\chrome\content\utils.js
c:\program files\Iminent\webbooster@iminent.com\install.rdf
c:\program files\Iminent\WPFLocalizeExtension.dll
c:\program files\Iminent\WPFLocalizeExtension.xml
c:\program files\SoftwareUpdater
c:\program files\SoftwareUpdater\AppsUpdater.exe
c:\program files\SoftwareUpdater\AppsUpdater.exe.config
c:\program files\SoftwareUpdater\config.xml
c:\program files\SoftwareUpdater\Interop.Shell32.dll
c:\program files\SoftwareUpdater\KeyGen.dll
c:\program files\SoftwareUpdater\translations.xml
c:\program files\SoftwareUpdater\uninstall.exe
c:\program files\SoftwareUpdater\UpdaterService.exe
c:\programdata\IBUpdaterService
c:\programdata\IBUpdaterService\ibsvc.exe
c:\programdata\IBUpdaterService\repository.xml
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_IBUpdaterService
-------\Service_Skype C2C Service
-------\Service_SkypeUpdate
-------\Service_SProtection
-------\Service_SrvUpdater
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-14 do 2013-04-14 )))))))))))))))))))))))))))))))
.
.
2013-04-14 14:47 . 2013-04-14 14:50 -------- d-----w- c:\users\Uživatel\AppData\Local\temp
2013-04-14 14:47 . 2013-04-14 14:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-14 14:15 . 2013-04-14 14:15 -------- d-----w- c:\users\Uživatel\AppData\Roaming\WinRAR
2013-04-14 12:58 . 2013-04-14 14:01 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A1B84DE-0FDA-47B3-9A62-FEDCC8F54D5E}\offreg.dll
2013-04-14 12:48 . 2013-04-14 12:48 -------- d-----w- c:\windows\system32\SPReview
2013-04-14 11:59 . 2013-04-14 11:59 -------- d-----w- c:\programdata\McAfee
2013-04-14 11:55 . 2013-04-14 11:55 -------- d-----w- c:\program files\Common Files\Java
2013-04-14 11:55 . 2013-04-14 11:54 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-14 11:54 . 2013-04-14 11:54 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-14 11:54 . 2013-04-14 11:54 -------- d-----w- c:\program files\Java
2013-04-13 18:08 . 2013-03-19 03:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A1B84DE-0FDA-47B3-9A62-FEDCC8F54D5E}\mpengine.dll
2013-04-13 18:08 . 2013-03-11 23:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 15:12 . 2013-04-13 15:13 -------- d-----w- c:\program files\trend micro
2013-04-13 15:12 . 2013-04-13 15:14 -------- d-----w- C:\rsit
2013-04-12 11:20 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-12 11:20 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-12 11:20 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-12 11:20 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-12 11:20 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-12 11:20 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-12 11:20 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 11:20 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
2013-04-12 11:20 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-03-25 16:45 . 2013-03-25 16:45 -------- d-----w- c:\users\Uživatel\AppData\Local\Macromedia
2013-03-25 16:41 . 2013-03-25 16:44 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-21 11:03 . 2013-03-21 11:03 -------- d-----w- c:\windows\system32\EventProviders
2013-03-20 20:36 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-14 13:09 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-04-14 11:54 . 2012-04-08 16:00 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-25 16:44 . 2011-11-30 13:38 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-03 23:30 . 2013-02-03 23:30 0 ----a-w- c:\windows\system32\sho6A67.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-01-07 446648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"HotkeyMon"="AsusSender.exe" [2010-03-03 29184]
"HotkeyService"="AsusSender.exe" [2010-03-03 29184]
"SuperHybridEngine"="AsusSender.exe" [2010-03-03 29184]
"LiveUpdate"="AsusSender.exe" [2010-03-03 29184]
"CapsHook"="AsusSender.exe" [2010-03-03 29184]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-03-29 415920]
"ASUS WebStorage"="c:\program files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-27 9177632]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-13 1594664]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2010-04-13 83240]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-04-14 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-25 16:44]
.
2013-04-14 c:\windows\Tasks\Auto Lyrics Update.job
- c:\program files\AutoLyrics\AutoLyricsUpdater.exe [2013-02-27 23:14]
.
.
------- Doplňkový sken -------
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SoftwareUpdater - c:\program files\SoftwareUpdater\uninstall.exe
AddRemove-Updater Service - c:\programdata\IBUpdaterService\ibsvc.exe
.
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(768)
c:\progra~1\ASUS\ASUSWE~1\service\ASUSWS~1.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\taskhost.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\windows\system32\sppsvc.exe
c:\program files\Internet Explorer\IELowutil.exe
.
**************************************************************************
.
Celkový čas: 2013-04-14 16:55:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-14 14:55
ComboFix2.txt 2013-04-14 14:11
ComboFix3.txt 2013-04-13 18:43
.
Před spuštěním: Volných bajtů: 11 404 697 600
Po spuštění: Volných bajtů: 11 325 652 992
.
- - End Of File - - 1BFF7B6F37C55A18370140500B6FA77F
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomalé PC
Odinstaluj ComboFix.
- Klikni na Start >> Spustit... (nebo stiskni klávesy Win+R) a do okna napiš ComboFix /Uninstall
- Mezi ComboFix a /Uninstall je mezera!
- Příkaz potvrď klávesou [Enter].
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomalé PC
Combofix odinstalován.. 
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomalé PC
Super. Hodně jsem toho odmazal přes ComboFix, ale dáme si pro jistotu ještě scan s MBAM - jen tak pro jistotu, jestli ještě něco nenajde.
Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.
Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.
- Proveď aktualizaci virové databáze.
- V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
- Předem nic nemaž!!
- MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Přispějete na provoz fóra?