
Random pages opening in the browser
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
Hello, lately I have had a problem where, whenever I want to open a link etc., it automatically redirects me to this address, hxxp://www.purchasereviews.net/donate.php, click at your own risk, I guess... It is quite annoying, because when I open links in new tabs, there is no way to get back to the page I wanted. I also have the feeling that my data downloads more slowly than it used to. I am sending a log from ComboFix, thanks for the help.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Vašek at 2013-05-14 11:21:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 218 GB (47%) free of 466 GB
Total RAM: 4045 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:21:13, on 14.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
D:\Programy\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
D:\Programy\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Programy\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe
D:\Programy\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\Vašek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.phpnuke.org/?lang=en&cid=457c4dfc
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
R3 - URLSearchHook: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Programy\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Ask Toolbar BHO - {4D594333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: phpnuke Helper Object - {890CA547-B66C-48BF-9663-DBE0BFDC7D0C} - C:\Program Files (x86)\phpnuke\phpnuke\1.8.12.7\bh\phpnuke.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: FreeOnlineRadioPlayerRecorder - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\Avast\aswWebRepIE.dll
O3 - Toolbar: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
O3 - Toolbar: Ask Toolbar - {4D594333-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" (file missing)
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [RoccatKova+] "C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [avast] "D:\Programy\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [KiesTrayAgent] D:\Programy\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 5] "D:\Programy\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-266349663-400684417-2290147511-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-266349663-400684417-2290147511-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Arvo] "C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Arvo] "C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Programy\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Programy\SkypeRecorder\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - D:\Programy\Avast\AvastSvc.exe
O23 - Service: AVerRECentral - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - http://www.BitComet.com - D:\Programy\BitComet\tools\BitCometService.exe
O23 - Service: CyberLink Product - 2012/07/26 14:15:09 (CLKMSVC10_80CF330A) - CyberLink - C:\Program Files (x86)\Acer\clear.fi SDK20\Movie\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Hry\Smite\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - D:\Programy\Version8\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - D:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UltiDev Cassini Web Server for ASP.NET 2.0 - UltiDev LLC - C:\Program Files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 19156 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Programy\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
C:\Windows\system32\hasplms.exe -run
D:\Hry\Smite\HiPatchService.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"D:\Programy\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"D:\Programy\Avast\AvastUI.exe" /nogui
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles startup
"D:\Programy\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe" HOOK -Dwthx160.dll -IE"DefaultScope" -GC"C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Web Data" -FF"C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\Prefs.js"
"taskhost.exe"
"D:\Programy\Mozilla Firefox\firefox.exe"
taskeng.exe {90C8CD6B-A415-4493-AF16-83CD5A56B4AE}
"C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"D:\Programy\Mozilla Firefox\plugin-container.exe" --channel=3912.181f3e00.812912357 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" -greomni "D:\Programy\Mozilla Firefox\omni.ja" -appdir "D:\Programy\Mozilla Firefox" " 38F13FD041F945F" 3912 "\\.\pipe\gecko-crash-server-pipe.3912" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash3392.66E01D90.23401 --host-broker-channel=Flash3392.66E01D90.20998 --host-pid=3392 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=5384.0032F408.1621309579 --proxy-stub-channel=Flash3392.66E01D90.23401 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Vašek\Desktop\jednohubka\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-266349663-400684417-2290147511-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-266349663-400684417-2290147511-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =668083&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.138.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.3]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
D:\Programy\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
D:\Programy\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
D:\Programy\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\extensions\
ascsurfingprotection@iobit.com
C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\searchplugins\
phpnuke.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - D:\Programy\Avast\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-17 545264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-04-15 6305912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-17 193520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll [2013-02-23 1352512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - D:\Programy\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D594333-0076-A76A-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll [2013-03-27 13448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-05-03 462752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{890CA547-B66C-48BF-9663-DBE0BFDC7D0C}]
phpnuke Helper Object - C:\Program Files (x86)\phpnuke\phpnuke\1.8.12.7\bh\phpnuke.dll [2013-02-14 271256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - D:\Programy\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-04-15 4529272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-05-03 171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]
FreeOnlineRadioPlayerRecorder Toolbar - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFree.dll [2012-11-06 183112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - D:\Programy\Avast\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - D:\Programy\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{f999a48b-1950-4d81-9971-79018f807b4b} - FreeOnlineRadioPlayerRecorder Toolbar - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFree.dll [2012-11-06 183112]
{4D594333-0076-A76A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll [2013-03-27 13448]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll [2013-02-23 1352512]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-11-14 13353064]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-01-25 499608]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-01-21 123400]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"AdobeBridge"= []
"Advanced SystemCare 5"=D:\Programy\Advanced SystemCare 5\ASCTray.exe /AutoStart []
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-06-22 341360]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]
"RoccatKova+"=C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [2010-06-24 536576]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2011-12-04 291096]
"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2012-02-07 636520]
"avast"=D:\Programy\Avast\avastUI.exe [2013-03-07 4767304]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"KiesTrayAgent"=D:\Programy\Kies\KiesTrayAgent.exe [2012-12-20 310280]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-03-27 1483912]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-02-23 1297728]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - D:\Programy\DeskScapes3\deskscapes.dll [2010-09-27 116528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-05-14 11:21:08 ----D---- C:\rsit
2013-05-14 11:21:08 ----D---- C:\Program Files\trend micro
2013-05-10 00:29:59 ----D---- C:\Windows\Simple Shutdown Timer
2013-05-10 00:29:39 ----A---- C:\Windows\Simple Shutdown Timer Setup Log.txt
2013-05-03 14:35:44 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-05-03 14:35:36 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-05-03 14:35:36 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-05-03 14:35:36 ----A---- C:\Windows\SYSWOW64\java.exe
2013-05-03 14:35:29 ----D---- C:\Program Files (x86)\Java
2013-05-01 21:58:04 ----D---- C:\Windows\SYSWOW64\URTTEMP
2013-05-01 11:26:52 ----D---- C:\Users\Vašek\AppData\Roaming\LOVE
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\wininet.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\wextract.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\webcheck.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\vbscript.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\urlmon.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\url.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\occache.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\msrating.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\msls31.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\mshtml.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\mshta.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\jscript9.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\jscript.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\inseng.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\imgutil.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iexpress.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ieui.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iesetup.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iertutil.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iernonce.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iepeers.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ieframe.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ieapfltr.dat
2013-04-30 01:29:00 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\icardie.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\elshyph.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-28 22:14:20 ----A---- C:\Windows\SYSWOW64\fmod_event.dll
2013-04-28 22:14:19 ----A---- C:\Windows\SYSWOW64\fmodex.dll
2013-04-28 08:56:16 ----D---- C:\Users\Vašek\AppData\Roaming\Wargaming.net
2013-04-27 21:10:37 ----D---- C:\Users\Vašek\AppData\Roaming\Braid
2013-04-24 07:36:33 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvopencl.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvoglv64.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvinitx.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvdispgenco6431422.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvdispco6431422.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvcuvid.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvcuda.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-04-23 19:59:47 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-04-23 19:59:47 ----A---- C:\Windows\system32\nvcompiler.dll
======List of files/folders modified in the last 1 month======
2013-05-14 11:21:13 ----D---- C:\Windows\Prefetch
2013-05-14 11:21:10 ----D---- C:\Windows\Temp
2013-05-14 11:21:08 ----RD---- C:\Program Files
2013-05-14 11:03:19 ----D---- C:\Windows\system32\config
2013-05-14 10:58:03 ----D---- C:\Windows\System32
2013-05-14 10:58:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-14 10:58:02 ----D---- C:\Windows\inf
2013-05-14 10:55:11 ----A---- C:\Windows\SYSWOW64\log.txt
2013-05-14 10:52:22 ----D---- C:\Windows\system32\drivers
2013-05-14 10:52:04 ----D---- C:\ProgramData\NVIDIA
2013-05-14 08:31:09 ----SHD---- C:\System Volume Information
2013-05-13 16:47:46 ----SHD---- C:\Windows\Installer
2013-05-13 16:47:46 ----SHD---- C:\Config.Msi
2013-05-11 22:36:23 ----D---- C:\Windows\system32\catroot2
2013-05-10 00:29:59 ----D---- C:\Windows\SysWOW64
2013-05-10 00:29:59 ----D---- C:\Windows
2013-05-09 19:23:28 ----RSD---- C:\Windows\assembly
2013-05-09 18:16:47 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-05-09 17:53:55 ----D---- C:\Windows\rescache
2013-05-09 17:49:21 ----D---- C:\Users\Vašek\AppData\Roaming\Skype
2013-05-07 12:14:55 ----D---- C:\Downloads
2013-05-05 21:52:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-05-03 14:35:53 ----D---- C:\Program Files (x86)\Common Files
2013-05-03 14:35:30 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-05-03 14:35:30 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-05-03 14:35:29 ----RD---- C:\Program Files (x86)
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-05-01 21:59:34 ----SD---- C:\Users\Vašek\AppData\Roaming\Microsoft
2013-05-01 21:59:23 ----D---- C:\Windows\Registration
2013-05-01 21:59:15 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-05-01 21:59:05 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-30 09:12:41 ----D---- C:\Windows\winsxs
2013-04-30 09:12:01 ----D---- C:\Windows\Panther
2013-04-30 09:09:15 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-30 09:09:15 ----D---- C:\Windows\system32\cs-CZ
2013-04-30 09:09:15 ----D---- C:\Program Files\Internet Explorer
2013-04-30 09:09:12 ----D---- C:\Windows\SYSWOW64\wbem
2013-04-30 09:09:12 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-04-30 09:09:12 ----D---- C:\Windows\SYSWOW64\migration
2013-04-30 09:09:12 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-30 09:09:10 ----D---- C:\Windows\system32\wbem
2013-04-30 09:09:10 ----D---- C:\Windows\system32\migration
2013-04-30 09:09:10 ----D---- C:\Windows\PolicyDefinitions
2013-04-30 09:09:09 ----D---- C:\Windows\system32\sk-SK
2013-04-30 09:09:07 ----D---- C:\Windows\system32\en-US
2013-04-30 01:32:08 ----D---- C:\Windows\Logs
2013-04-30 01:31:48 ----D---- C:\Windows\system32\catroot
2013-04-30 00:32:07 ----RSD---- C:\Windows\Fonts
2013-04-28 09:05:20 ----D---- C:\Users\Vašek\AppData\Roaming\TS3Client
2013-04-27 21:09:36 ----D---- C:\Users\Vašek\AppData\Roaming\BitComet
2013-04-27 08:40:08 ----D---- C:\ProgramData\Skype
2013-04-27 08:40:07 ----RD---- C:\Program Files (x86)\Skype
2013-04-23 20:02:34 ----D---- C:\Windows\system32\DriverStore
2013-04-23 20:01:53 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-04-17 17:26:29 ----A---- C:\Windows\wininit.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2011-12-04 16152]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-08-24 560184]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-03-08 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-03-08 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-03-08 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2011-11-22 78208]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2012-06-28 139592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2011-09-28 321536]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-01-03 43168]
R3 AVer330;AVer330; C:\Windows\system32\DRIVERS\AVer330.sys [2012-09-17 1431424]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-17 283200]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2011-11-30 358576]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-09-09 33344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-11-16 2950632]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2011-12-04 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2011-12-04 785688]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-01-03 312480]
S3 ArvoFltr;ROCCAT Arvo; C:\Windows\system32\drivers\ArvoFltr.sys [2009-05-07 15872]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-03-31 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-03-31 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-03-31 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-02-25 528192]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-03-27 169096]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2013-02-23 805752]
R2 avast! Antivirus;avast! Antivirus; D:\Programy\Avast\AvastSvc.exe [2013-03-07 45248]
R2 AVerRECentral;AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [2012-07-31 339456]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2012-06-28 4941768]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Hry\Smite\HiPatchService.exe [2012-10-09 8704]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-07 277784]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-07-23 690472]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-03-06 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 TeamViewer8;TeamViewer 8; D:\Programy\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
R2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0; C:\Program Files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2012-10-17 49152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S2 CLKMSVC10_80CF330A;CyberLink Product - 2012/07/26 14:15:09; C:\Program Files (x86)\Acer\clear.fi SDK20\Movie\NavFilter\kmsvc.exe [2012-04-18 242664]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-01-15 45056]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; D:\Programy\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-09 655624]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-08-10 150464]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2011-12-15 14848]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-05-04 543656]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; D:\Programy\Tunngle\TnglCtrl.exe [2012-11-26 745368]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
avast! WebRep - D:\Programy\Avast\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-17 545264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-04-15 6305912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-17 193520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll [2013-02-23 1352512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - D:\Programy\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D594333-0076-A76A-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll [2013-03-27 13448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-05-03 462752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{890CA547-B66C-48BF-9663-DBE0BFDC7D0C}]
phpnuke Helper Object - C:\Program Files (x86)\phpnuke\phpnuke\1.8.12.7\bh\phpnuke.dll [2013-02-14 271256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - D:\Programy\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-04-15 4529272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-05-03 171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]
FreeOnlineRadioPlayerRecorder Toolbar - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFree.dll [2012-11-06 183112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - D:\Programy\Avast\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - D:\Programy\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{f999a48b-1950-4d81-9971-79018f807b4b} - FreeOnlineRadioPlayerRecorder Toolbar - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFree.dll [2012-11-06 183112]
{4D594333-0076-A76A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll [2013-03-27 13448]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll [2013-02-23 1352512]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-11-14 13353064]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-01-25 499608]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-01-21 123400]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"AdobeBridge"= []
"Advanced SystemCare 5"=D:\Programy\Advanced SystemCare 5\ASCTray.exe /AutoStart []
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-06-22 341360]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]
"RoccatKova+"=C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [2010-06-24 536576]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2011-12-04 291096]
"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2012-02-07 636520]
"avast"=D:\Programy\Avast\avastUI.exe [2013-03-07 4767304]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"KiesTrayAgent"=D:\Programy\Kies\KiesTrayAgent.exe [2012-12-20 310280]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-03-27 1483912]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-02-23 1297728]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - D:\Programy\DeskScapes3\deskscapes.dll [2010-09-27 116528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-05-14 11:21:08 ----D---- C:\rsit
2013-05-14 11:21:08 ----D---- C:\Program Files\trend micro
2013-05-10 00:29:59 ----D---- C:\Windows\Simple Shutdown Timer
2013-05-10 00:29:39 ----A---- C:\Windows\Simple Shutdown Timer Setup Log.txt
2013-05-03 14:35:44 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-05-03 14:35:36 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-05-03 14:35:36 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-05-03 14:35:36 ----A---- C:\Windows\SYSWOW64\java.exe
2013-05-03 14:35:29 ----D---- C:\Program Files (x86)\Java
2013-05-01 21:58:04 ----D---- C:\Windows\SYSWOW64\URTTEMP
2013-05-01 11:26:52 ----D---- C:\Users\Vašek\AppData\Roaming\LOVE
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-04-30 01:29:00 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\wininet.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\wextract.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\webcheck.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\vbscript.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\urlmon.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\url.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\occache.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\msrating.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\msls31.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\mshtml.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\mshta.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\jscript9.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\jscript.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\inseng.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\imgutil.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iexpress.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ieui.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iesetup.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iertutil.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iernonce.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iepeers.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ieframe.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ieapfltr.dat
2013-04-30 01:29:00 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-30 01:29:00 ----A---- C:\Windows\system32\icardie.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\elshyph.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-30 01:29:00 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-28 22:14:20 ----A---- C:\Windows\SYSWOW64\fmod_event.dll
2013-04-28 22:14:19 ----A---- C:\Windows\SYSWOW64\fmodex.dll
2013-04-28 08:56:16 ----D---- C:\Users\Vašek\AppData\Roaming\Wargaming.net
2013-04-27 21:10:37 ----D---- C:\Users\Vašek\AppData\Roaming\Braid
2013-04-24 07:36:33 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-04-23 19:59:48 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvopencl.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvoglv64.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvinitx.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvdispgenco6431422.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvdispco6431422.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvcuvid.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\nvcuda.dll
2013-04-23 19:59:48 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-04-23 19:59:47 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-04-23 19:59:47 ----A---- C:\Windows\system32\nvcompiler.dll
======List of files/folders modified in the last 1 month======
2013-05-14 11:21:13 ----D---- C:\Windows\Prefetch
2013-05-14 11:21:10 ----D---- C:\Windows\Temp
2013-05-14 11:21:08 ----RD---- C:\Program Files
2013-05-14 11:03:19 ----D---- C:\Windows\system32\config
2013-05-14 10:58:03 ----D---- C:\Windows\System32
2013-05-14 10:58:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-14 10:58:02 ----D---- C:\Windows\inf
2013-05-14 10:55:11 ----A---- C:\Windows\SYSWOW64\log.txt
2013-05-14 10:52:22 ----D---- C:\Windows\system32\drivers
2013-05-14 10:52:04 ----D---- C:\ProgramData\NVIDIA
2013-05-14 08:31:09 ----SHD---- C:\System Volume Information
2013-05-13 16:47:46 ----SHD---- C:\Windows\Installer
2013-05-13 16:47:46 ----SHD---- C:\Config.Msi
2013-05-11 22:36:23 ----D---- C:\Windows\system32\catroot2
2013-05-10 00:29:59 ----D---- C:\Windows\SysWOW64
2013-05-10 00:29:59 ----D---- C:\Windows
2013-05-09 19:23:28 ----RSD---- C:\Windows\assembly
2013-05-09 18:16:47 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-05-09 17:53:55 ----D---- C:\Windows\rescache
2013-05-09 17:49:21 ----D---- C:\Users\Vašek\AppData\Roaming\Skype
2013-05-07 12:14:55 ----D---- C:\Downloads
2013-05-05 21:52:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-05-03 14:35:53 ----D---- C:\Program Files (x86)\Common Files
2013-05-03 14:35:30 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-05-03 14:35:30 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-05-03 14:35:29 ----RD---- C:\Program Files (x86)
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-05-01 21:59:34 ----SD---- C:\Users\Vašek\AppData\Roaming\Microsoft
2013-05-01 21:59:23 ----D---- C:\Windows\Registration
2013-05-01 21:59:15 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-05-01 21:59:05 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-30 09:12:41 ----D---- C:\Windows\winsxs
2013-04-30 09:12:01 ----D---- C:\Windows\Panther
2013-04-30 09:09:15 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-30 09:09:15 ----D---- C:\Windows\system32\cs-CZ
2013-04-30 09:09:15 ----D---- C:\Program Files\Internet Explorer
2013-04-30 09:09:12 ----D---- C:\Windows\SYSWOW64\wbem
2013-04-30 09:09:12 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-04-30 09:09:12 ----D---- C:\Windows\SYSWOW64\migration
2013-04-30 09:09:12 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-30 09:09:10 ----D---- C:\Windows\system32\wbem
2013-04-30 09:09:10 ----D---- C:\Windows\system32\migration
2013-04-30 09:09:10 ----D---- C:\Windows\PolicyDefinitions
2013-04-30 09:09:09 ----D---- C:\Windows\system32\sk-SK
2013-04-30 09:09:07 ----D---- C:\Windows\system32\en-US
2013-04-30 01:32:08 ----D---- C:\Windows\Logs
2013-04-30 01:31:48 ----D---- C:\Windows\system32\catroot
2013-04-30 00:32:07 ----RSD---- C:\Windows\Fonts
2013-04-28 09:05:20 ----D---- C:\Users\Vašek\AppData\Roaming\TS3Client
2013-04-27 21:09:36 ----D---- C:\Users\Vašek\AppData\Roaming\BitComet
2013-04-27 08:40:08 ----D---- C:\ProgramData\Skype
2013-04-27 08:40:07 ----RD---- C:\Program Files (x86)\Skype
2013-04-23 20:02:34 ----D---- C:\Windows\system32\DriverStore
2013-04-23 20:01:53 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-04-17 17:26:29 ----A---- C:\Windows\wininit.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2011-12-04 16152]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-08-24 560184]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-03-08 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-03-08 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-03-08 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2011-11-22 78208]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2012-06-28 139592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2011-09-28 321536]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-01-03 43168]
R3 AVer330;AVer330; C:\Windows\system32\DRIVERS\AVer330.sys [2012-09-17 1431424]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-17 283200]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2011-11-30 358576]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-09-09 33344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-11-16 2950632]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2011-12-04 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2011-12-04 785688]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-01-03 312480]
S3 ArvoFltr;ROCCAT Arvo; C:\Windows\system32\drivers\ArvoFltr.sys [2009-05-07 15872]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-03-31 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-03-31 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-03-31 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-02-25 528192]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-03-27 169096]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2013-02-23 805752]
R2 avast! Antivirus;avast! Antivirus; D:\Programy\Avast\AvastSvc.exe [2013-03-07 45248]
R2 AVerRECentral;AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [2012-07-31 339456]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2012-06-28 4941768]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Hry\Smite\HiPatchService.exe [2012-10-09 8704]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-07 277784]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-07-23 690472]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-03-06 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 TeamViewer8;TeamViewer 8; D:\Programy\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
R2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0; C:\Program Files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2012-10-17 49152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S2 CLKMSVC10_80CF330A;CyberLink Product - 2012/07/26 14:15:09; C:\Program Files (x86)\Acer\clear.fi SDK20\Movie\NavFilter\kmsvc.exe [2012-04-18 242664]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-01-15 45056]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; D:\Programy\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-09 655624]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-08-10 150464]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2011-12-15 14848]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-05-04 543656]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; D:\Programy\Tunngle\TnglCtrl.exe [2012-11-26 745368]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Last edited by vyosek on 14 May 2013 12:23, edited 1 time in total.
Reason: Link deactivated for security reasons
Re: Random opening of pages in the browser
Hello
You write that you are sending a log from ComboFix, but what I see here is RSIT.
So what did you do with ComboFix?



Re: Random opening of pages in the browser
I didn't send ComboFix but RSIT, my mistake; I haven't touched ComboFix yet

Re: Random opening of pages in the browser
Then don't touch it on your own at all - the license terms say clearly: "It should never be used in an environment without the supervision of an experienced person"

The dangers of CF
- It is intended primarily for advisors - by using it on your own you lose your entitlement to support
- It deletes traces of malware, so nothing is visible in the RSIT log
- Its log has to be worked through to the end, since it cannot delete everything - which you will hardly manage unless you are trained for it
- CF can have a bug = it takes down your system; if you don't know where it stores what and how to restore it, your system is wrecked and you are facing a reinstall
- Unfortunately, CF also does not yet check some important libraries (e.g. hal.dll) - those are, for example, deleted by some types of malware (e.g. angela) - it deletes your hal.dll after the restart = your system won't boot and you are back at the line above = reinstall

Uninstall Advanced SystemCare and then everything else from IObit as well - they are Chinese junk and do more harm than good. They look for nonsensical and nonexistent problems, and they stole the malware database from another reputable company

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Save it, ideally to the desktop
- Close all programs
- Click Scan (Prohledat)
- The scan will run and then a log will appear, or it will be saved on the system drive as AdwCleaner[R?].txt; paste it here
Re: Random opening of pages in the browser
ASC deleted; from IObit there was just one program, some toolbar, which I certainly didn't knowingly install...
Anyway, I can't find any others, if there still are some. I'm sending the log
# AdwCleaner v2.300 - Log vytvooen 14/05/2013 v 16:04:52
# Aktualizováno 28/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Vašek - WSSM
# Spuštin systém : Normální
# Spuštino z : C:\Users\Vašek\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\askpartnernetwork
Složka Nalezeno : C:\Program Files (x86)\Common Files\spigot
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder
Složka Nalezeno : C:\ProgramData\APN
Složka Nalezeno : C:\ProgramData\askpartnernetwork
Složka Nalezeno : C:\ProgramData\boost_interprocess
Složka Nalezeno : C:\Users\FIFA 13\AppData\LocalLow\Search Settings
Složka Nalezeno : C:\Users\Marek\AppData\LocalLow\Search Settings
Složka Nalezeno : C:\Users\VAEK~1\AppData\Local\Temp\APN
Složka Nalezeno : C:\Users\Vašek\AppData\Local\Conduit
Složka Nalezeno : C:\Users\Vašek\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Vašek\AppData\LocalLow\FreeOnlineRadioPlayerRecorder
Soubor Nalezeno : C:\user.js
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F999A48B-1950-4D81-9971-79018F807B4B}]
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\FreeOnlineRadioPlayerRecorder
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Search Settings
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\AppDataLow\Toolbar
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F999A48B-1950-4D81-9971-79018F807B4B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F999A48B-1950-4D81-9971-79018F807B4B}
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klíe Nalezeno : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\FreeOnlineRadioPlayerRecorder
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F999A48B-1950-4D81-9971-79018F807B4B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93EADB59-98CB-40FC-B72E-7B56651E4098}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBF14A3A-7E73-4447-86DB-D6767C6ACCD1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F999A48B-1950-4D81-9971-79018F807B4B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FreeOnlineRadioPlayerRecorder Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v14.0.1 (cs)
Soubor : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\aslat8v3.default\prefs.js
[OK] Soubor je eistý.
Soubor : C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\prefs.js
Nalezeno : user_pref("CT2737658_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Nalezeno : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Nalezeno : user_pref("browser.search.order.1", "Search The Web (phpnuke)");
Nalezeno : user_pref("ct2737658.UserID", "UN24460959283258120");
Nalezeno : user_pref("extensions.phpnuke.srchPrvdr", "Search The Web (phpnuke)");
Nalezeno : user_pref("smartbar.machineId", "J/PBSJLRH0TYTY7V3B3BNU3CHFI75RXP+EM8HZMTEKKQ2EWHI9A+VRT65X9C8M/+T+D[...]
Soubor : C:\Users\FIFA 13\AppData\Roaming\Mozilla\Firefox\Profiles\sa40ocq3.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v [Nemohu získat verzi]
Soubor : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Preferences
Nalezeno [l.2710] : homepage = "hxxp://start.facemoods.com/?a=make",
Soubor : C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Chromium v enable_autospellcorrect: false
Soubor : C:\Users\Vašek\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [8171 octets] - [14/05/2013 16:04:52]
########## EOF - C:\AdwCleaner[R1].txt - [8231 octets] ##########

Re: Random opening of pages in the browser

- If you use Win Vista or W7, right-click AdwCleaner and choose Run As Administrator (Spustit jako spravce)
- Click Delete (Smazat)
- The PC will perform the repair, restart and give you a log (C:\AdwCleaner [S1].txt); paste its contents here
Re: Random opening of pages in the browser
# AdwCleaner v2.300 - Log vytvooen 14/05/2013 v 21:15:16
# Aktualizováno 28/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Vašek - WSSM
# Spuštin systém : Normální
# Spuštino z : C:\Users\Vašek\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files (x86)\Common Files\spigot
Složka Vymazáno : C:\Program Files (x86)\Conduit
Složka Vymazáno : C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder
Složka Vymazáno : C:\ProgramData\APN
Složka Vymazáno : C:\ProgramData\askpartnernetwork
Složka Vymazáno : C:\ProgramData\boost_interprocess
Složka Vymazáno : C:\Users\FIFA 13\AppData\LocalLow\Search Settings
Složka Vymazáno : C:\Users\Marek\AppData\LocalLow\Search Settings
Složka Vymazáno : C:\Users\VAEK~1\AppData\Local\Temp\APN
Složka Vymazáno : C:\Users\Vašek\AppData\Local\Conduit
Složka Vymazáno : C:\Users\Vašek\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\Vašek\AppData\LocalLow\FreeOnlineRadioPlayerRecorder
Soubor Vymazáno : C:\user.js
Vymazáno poi restartu : C:\Program Files (x86)\askpartnernetwork
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F999A48B-1950-4D81-9971-79018F807B4B}]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\FreeOnlineRadioPlayerRecorder
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Search Settings
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\AppDataLow\Toolbar
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F999A48B-1950-4D81-9971-79018F807B4B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F999A48B-1950-4D81-9971-79018F807B4B}
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klíe Vymazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\FreeOnlineRadioPlayerRecorder
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F999A48B-1950-4D81-9971-79018F807B4B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93EADB59-98CB-40FC-B72E-7B56651E4098}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBF14A3A-7E73-4447-86DB-D6767C6ACCD1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F999A48B-1950-4D81-9971-79018F807B4B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FreeOnlineRadioPlayerRecorder Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v14.0.1 (cs)
Soubor : C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\aslat8v3.default\prefs.js
[OK] Soubor je eistý.
Soubor : C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\prefs.js
C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\user.js ... Vymazáno !
Vymazáno : user_pref("CT2737658_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Vymazáno : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Vymazáno : user_pref("browser.search.order.1", "Search The Web (phpnuke)");
Vymazáno : user_pref("ct2737658.UserID", "UN24460959283258120");
Vymazáno : user_pref("extensions.phpnuke.srchPrvdr", "Search The Web (phpnuke)");
Vymazáno : user_pref("smartbar.machineId", "J/PBSJLRH0TYTY7V3B3BNU3CHFI75RXP+EM8HZMTEKKQ2EWHI9A+VRT65X9C8M/+T+D[...]
Soubor : C:\Users\FIFA 13\AppData\Roaming\Mozilla\Firefox\Profiles\sa40ocq3.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v [Nemohu získat verzi]
Soubor : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vymazáno [l.2668] : homepage = "hxxp://start.facemoods.com/?a=make",
Soubor : C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Chromium v enable_autospellcorrect: false
Soubor : C:\Users\Vašek\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [8286 octets] - [14/05/2013 16:04:52]
AdwCleaner[S1].txt - [7868 octets] - [14/05/2013 21:15:16]
########## EOF - C:\AdwCleaner[S1].txt - [7928 octets] ##########
Re: Random opening of pages in the browser
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A POWERFUL ABILITY TO DELETE AND MUST ONLY BE USED ON RECOMMENDATION, OTHERWISE IT CAN WRECK YOUR SYSTEM
Download ComboFix and save it to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
- If you have Win XP, run it under the Administrator account
- If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator or Spustit jako spravce
- Immediately after it starts, a page with the license agreement is displayed; continue by clicking Yes
- If CF offers to install the Recovery Console, agree
- Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
- The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
- After the scan finishes and after any restart, CF displays a log; you can also find it at C:\ComboFix.txt. Paste its contents here
- A detailed procedure incl. pictures is here: http://www.bleepingcomputer.com/combofi ... t-combofix
Re: Random opening of pages in the browser
So after running ComboFix, restarting and the log being displayed, I wanted to send it, but when I try to open Firefox, Chrome or even IE, I always get the message "Illegal operation attempted on a registry key that has been marked for deletion"... I can't get on the internet
edit: Change of situation, I can't open any program, video, etc. at all... The same message everywhere
Re: Random opening of pages in the browser
The second profile survived it, so I'm posting from it
ComboFix 13-05-14.01 - Vašek 15.05.2013 11:34:52.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4045.2203 [GMT 2:00]
Spuštěný z: c:\users\VaÜek\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\FIFA 13\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\FIFA 13\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
c:\users\Marek\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Marek\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
c:\windows\apppatch\AppLoc.exe
c:\windows\apppatch\AppLocA.exe
c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
c:\windows\apppatch\unins000.dat
c:\windows\apppatch\unins000.exe
c:\windows\PFRO.log
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\tmp676.tmp
c:\windows\SysWow64\tmp6A5.tmp
c:\windows\SysWow64\tmp9BED.tmp
c:\windows\SysWow64\tmp9C9A.tmp
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-15 do 2013-05-15 )))))))))))))))))))))))))))))))
.
.
2013-05-15 09:56 . 2013-05-15 09:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-05-15 09:56 . 2013-05-15 09:56 -------- d-----w- c:\users\Marek\AppData\Local\temp
2013-05-14 09:21 . 2013-05-14 09:21 -------- d-----w- C:\rsit
2013-05-14 09:21 . 2013-05-14 09:21 -------- d-----w- c:\program files\trend micro
2013-05-14 06:31 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1F56ABE-779B-45F0-845F-82036DDBE576}\mpengine.dll
2013-05-11 08:00 . 2013-05-11 08:00 -------- d-----w- c:\users\Marek\AppData\Roaming\OpenArena
2013-05-10 21:26 . 2013-05-10 21:26 -------- d-----w- c:\users\Marek\AppData\Local\BridgeProject
2013-05-09 22:29 . 2013-05-09 22:29 -------- d-----w- c:\windows\Simple Shutdown Timer
2013-05-09 17:24 . 2013-05-09 17:24 -------- d-----w- c:\users\Marek\AppData\Local\Criterion Games
2013-05-08 12:53 . 2013-05-08 12:53 -------- d-----w- c:\users\Marek\AppData\Local\The Lord of the Rings Online
2013-05-08 12:49 . 2013-05-08 12:49 -------- d-----w- c:\users\Marek\AppData\Local\Turbine
2013-05-08 12:48 . 2013-05-08 13:01 -------- d-----w- c:\users\Marek\AppData\Local\ApplicationHistory
2013-05-05 17:10 . 2013-05-05 17:10 -------- d-----w- c:\users\Public\CyberLink
2013-05-04 17:04 . 2013-05-13 13:08 -------- d-----w- c:\users\Vašek\AppData\Local\Game Dev Tycoon
2013-05-03 12:35 . 2013-05-03 12:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-05-03 12:35 . 2013-05-03 12:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-03 12:35 . 2013-05-03 12:35 -------- d-----w- c:\program files (x86)\Java
2013-05-01 20:41 . 2013-05-01 20:41 -------- d-----w- c:\users\Vašek\AppData\Local\The Lord of the Rings Online
2013-05-01 19:59 . 2013-05-01 20:35 -------- d-----w- c:\users\Vašek\AppData\Local\Turbine
2013-05-01 19:59 . 2013-05-01 20:01 -------- d-----w- c:\users\Vašek\AppData\Local\ApplicationHistory
2013-05-01 17:45 . 2013-05-01 17:45 -------- d-----w- c:\users\Vašek\AppData\Local\SCE
2013-05-01 09:26 . 2013-05-01 09:26 -------- d-----w- c:\users\Vašek\AppData\Roaming\LOVE
2013-04-28 20:14 . 2013-02-04 16:44 312864 ----a-w- c:\windows\SysWow64\fmod_event.dll
2013-04-28 20:14 . 2013-02-04 16:44 804384 ----a-w- c:\windows\SysWow64\fmodex.dll
2013-04-28 06:56 . 2013-04-28 06:56 -------- d-----w- c:\users\Vašek\AppData\Roaming\Wargaming.net
2013-04-27 19:10 . 2013-04-27 19:11 -------- d-----w- c:\users\Vašek\AppData\Roaming\Braid
2013-04-27 06:40 . 2013-04-27 06:40 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-04-24 05:36 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 07:56 . 2012-03-08 07:00 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 07:56 . 2012-03-08 07:00 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 07:56 . 2013-03-13 19:56 17613192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-05-14 16:21 . 2011-03-29 02:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-09 16:16 . 2013-03-06 18:33 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-05-09 16:16 . 2012-08-27 13:12 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-05-09 14:41 . 2012-08-18 18:34 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-05-03 12:35 . 2012-08-17 17:10 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-05-03 12:35 . 2012-08-17 17:10 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-03-31 16:51 . 2013-03-31 16:51 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-03-31 16:51 . 2013-03-31 16:51 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-03-31 16:51 . 2013-03-31 16:51 5773824 ----a-w- c:\windows\system32\mstscax.dll
2013-03-31 16:51 . 2013-03-31 16:51 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-03-31 16:51 . 2013-03-31 16:51 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-03-31 16:51 . 2013-03-31 16:51 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2013-03-31 16:51 . 2013-03-31 16:51 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-03-31 16:51 . 2013-03-31 16:51 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2013-03-31 16:51 . 2013-03-31 16:51 384000 ----a-w- c:\windows\system32\wksprt.exe
2013-03-31 16:51 . 2013-03-31 16:51 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-03-31 16:51 . 2013-03-31 16:51 322560 ----a-w- c:\windows\system32\aaclient.dll
2013-03-31 16:51 . 2013-03-31 16:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2013-03-31 16:51 . 2013-03-31 16:51 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2013-03-31 16:51 . 2013-03-31 16:51 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-03-31 16:51 . 2013-03-31 16:51 243200 ----a-w- c:\windows\system32\rdpudd.dll
2013-03-31 16:51 . 2013-03-31 16:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2013-03-31 16:51 . 2013-03-31 16:51 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-03-31 16:51 . 2013-03-31 16:51 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2013-03-31 16:51 . 2013-03-31 16:51 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2013-03-31 16:51 . 2013-03-31 16:51 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2013-03-31 16:51 . 2013-03-31 16:51 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-03-31 16:51 . 2013-03-31 16:51 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-03-31 16:51 . 2013-03-31 16:51 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-03-31 16:51 . 2013-03-31 16:51 1123840 ----a-w- c:\windows\system32\mstsc.exe
2013-03-31 16:51 . 2013-03-31 16:51 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2013-03-31 16:50 . 2013-03-31 16:50 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-03-31 16:50 . 2013-03-31 16:50 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-03-31 16:50 . 2013-03-31 16:50 340992 ----a-w- c:\windows\system32\schannel.dll
2013-03-31 16:50 . 2013-03-31 16:50 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-03-31 16:50 . 2013-03-31 16:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-03-31 16:50 . 2013-03-31 16:50 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-03-31 16:50 . 2013-03-31 16:50 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-03-31 16:50 . 2013-03-31 16:50 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-03-31 16:50 . 2013-03-31 16:50 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-03-25 10:47 . 2013-03-25 10:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-03-19 06:04 . 2013-04-10 07:10 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 07:10 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 07:10 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 07:10 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 07:10 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 07:10 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-15 05:53 . 2013-01-10 13:50 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-07-26 20:54 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2012-07-26 20:54 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2012-07-26 20:54 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 04:16 . 2012-07-26 20:55 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2012-07-26 20:55 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2012-07-26 20:55 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2012-07-26 20:55 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2012-07-26 20:55 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2012-07-26 20:55 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 20:07 . 2013-03-14 20:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:24 . 2012-07-26 20:55 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-06 23:33 . 2013-03-12 12:22 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2013-03-12 12:22 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2012-08-17 18:41 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-08-17 18:41 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2012-08-17 18:41 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-08-17 18:41 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2012-08-17 18:41 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2012-08-17 18:41 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2012-08-17 18:40 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-08-17 18:41 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-06 18:42 . 2012-08-18 18:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-03-01 03:36 . 2013-04-10 07:10 3153408 ----a-w- c:\windows\system32\win32k.sys
2012-07-12 08:28 . 2012-07-12 08:28 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D594333-0076-A76A-76A7-7A786E7484D7}]
2013-03-27 12:19 13448 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{890CA547-B66C-48BF-9663-DBE0BFDC7D0C}]
2013-02-14 13:45 271256 ----a-w- c:\program files (x86)\phpnuke\phpnuke\1.8.12.7\bh\phpnuke.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4D594333-0076-A76A-76A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" [2013-03-27 13448]
.
[HKEY_CLASSES_ROOT\clsid\{4d594333-0076-a76a-76a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-06-21 341360]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-04 291096]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2012-02-07 636520]
"avast"="d:\programy\Avast\avastUI.exe" [2013-03-06 4767304]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"KiesTrayAgent"="d:\programy\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 CLKMSVC10_80CF330A;CyberLink Product - 2012/07/26 14:15;c:\program files (x86)\Acer\clear.fi SDK20\Movie\NavFilter\kmsvc.exe [2012-04-18 242664]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 ArvoFltr;ROCCAT Arvo;c:\windows\system32\drivers\ArvoFltr.sys [2009-05-06 15872]
R3 aswVmm;aswVmm; [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe [2013-01-15 45056]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;d:\programy\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-08-10 150464]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-03-31 19456]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-03-31 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-03-31 30208]
R3 TunngleService;TunngleService;d:\programy\Tunngle\TnglCtrl.exe [2012-11-26 745368]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-18 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswRvrt;aswRvrt; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2011-12-04 16152]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-03-08 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-03-08 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-03-08 62776]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2011-11-22 78208]
S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-03-27 169096]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 AVerRECentral;AVerRECentral;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [2012-07-31 339456]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\hry\Smite\HiPatchService.exe [2012-10-09 8704]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-07-22 690472]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 TeamViewer8;TeamViewer 8;d:\programy\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2012-10-17 49152]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S3 AVer330;AVer330;c:\windows\system32\DRIVERS\AVer330.sys [2012-09-17 1431424]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-17 283200]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2011-12-04 355096]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2011-12-04 785688]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_80CF330A
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-08 07:56]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-266349663-400684417-2290147511-1000Core.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-17 16:51]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-266349663-400684417-2290147511-1000UA.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-17 16:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 133840 ----a-w- d:\programy\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-11-14 13353064]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-01-25 499608]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 123400]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=668083&p=
FF - ExtSQL: 2013-03-21 22:28; artur.dubovoy@gmail.com; c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\extensions\artur.dubovoy@gmail.com.xpi
FF - ExtSQL: 2013-03-27 13:20; toolbar_MYC3@apn.ask.com; c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\extensions\toolbar_MYC3@apn.ask.com.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Advanced SystemCare 5 - d:\programy\Advanced SystemCare 5\ASCTray.exe
Wow6432Node-HKU-Default-Run-Arvo - c:\program files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-OVERGROWTH - d:\hry\Overgrowth\uninstall.exe
AddRemove-Pid_is1 - d:\hry\Pid\unins000.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1 - c:\windows\AppPatch\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-266349663-400684417-2290147511-1003\*¬ =*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\programy\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\hasplms.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-05-15 12:03:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-15 10:03
.
Před spuštěním: Volných bajtů: 208 068 325 376
Po spuštění: Volných bajtů: 212 076 191 744
.
- - End Of File - - 2D85F0C1090BC3C0F8AA85DABAB90F7B
ComboFix 13-05-14.01 - Vašek 15.05.2013 11:34:52.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4045.2203 [GMT 2:00]
Spuštěný z: c:\users\Vašek\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\FIFA 13\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\FIFA 13\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
c:\users\Marek\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Marek\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
c:\windows\apppatch\AppLoc.exe
c:\windows\apppatch\AppLocA.exe
c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
c:\windows\apppatch\unins000.dat
c:\windows\apppatch\unins000.exe
c:\windows\PFRO.log
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\tmp676.tmp
c:\windows\SysWow64\tmp6A5.tmp
c:\windows\SysWow64\tmp9BED.tmp
c:\windows\SysWow64\tmp9C9A.tmp
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-15 do 2013-05-15 )))))))))))))))))))))))))))))))
.
.
2013-05-15 09:56 . 2013-05-15 09:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-05-15 09:56 . 2013-05-15 09:56 -------- d-----w- c:\users\Marek\AppData\Local\temp
2013-05-14 09:21 . 2013-05-14 09:21 -------- d-----w- C:\rsit
2013-05-14 09:21 . 2013-05-14 09:21 -------- d-----w- c:\program files\trend micro
2013-05-14 06:31 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1F56ABE-779B-45F0-845F-82036DDBE576}\mpengine.dll
2013-05-11 08:00 . 2013-05-11 08:00 -------- d-----w- c:\users\Marek\AppData\Roaming\OpenArena
2013-05-10 21:26 . 2013-05-10 21:26 -------- d-----w- c:\users\Marek\AppData\Local\BridgeProject
2013-05-09 22:29 . 2013-05-09 22:29 -------- d-----w- c:\windows\Simple Shutdown Timer
2013-05-09 17:24 . 2013-05-09 17:24 -------- d-----w- c:\users\Marek\AppData\Local\Criterion Games
2013-05-08 12:53 . 2013-05-08 12:53 -------- d-----w- c:\users\Marek\AppData\Local\The Lord of the Rings Online
2013-05-08 12:49 . 2013-05-08 12:49 -------- d-----w- c:\users\Marek\AppData\Local\Turbine
2013-05-08 12:48 . 2013-05-08 13:01 -------- d-----w- c:\users\Marek\AppData\Local\ApplicationHistory
2013-05-05 17:10 . 2013-05-05 17:10 -------- d-----w- c:\users\Public\CyberLink
2013-05-04 17:04 . 2013-05-13 13:08 -------- d-----w- c:\users\Vašek\AppData\Local\Game Dev Tycoon
2013-05-03 12:35 . 2013-05-03 12:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-05-03 12:35 . 2013-05-03 12:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-03 12:35 . 2013-05-03 12:35 -------- d-----w- c:\program files (x86)\Java
2013-05-01 20:41 . 2013-05-01 20:41 -------- d-----w- c:\users\Vašek\AppData\Local\The Lord of the Rings Online
2013-05-01 19:59 . 2013-05-01 20:35 -------- d-----w- c:\users\Vašek\AppData\Local\Turbine
2013-05-01 19:59 . 2013-05-01 20:01 -------- d-----w- c:\users\Vašek\AppData\Local\ApplicationHistory
2013-05-01 17:45 . 2013-05-01 17:45 -------- d-----w- c:\users\Vašek\AppData\Local\SCE
2013-05-01 09:26 . 2013-05-01 09:26 -------- d-----w- c:\users\Vašek\AppData\Roaming\LOVE
2013-04-28 20:14 . 2013-02-04 16:44 312864 ----a-w- c:\windows\SysWow64\fmod_event.dll
2013-04-28 20:14 . 2013-02-04 16:44 804384 ----a-w- c:\windows\SysWow64\fmodex.dll
2013-04-28 06:56 . 2013-04-28 06:56 -------- d-----w- c:\users\Vašek\AppData\Roaming\Wargaming.net
2013-04-27 19:10 . 2013-04-27 19:11 -------- d-----w- c:\users\Vašek\AppData\Roaming\Braid
2013-04-27 06:40 . 2013-04-27 06:40 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-04-24 05:36 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 07:56 . 2012-03-08 07:00 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 07:56 . 2012-03-08 07:00 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 07:56 . 2013-03-13 19:56 17613192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-05-14 16:21 . 2011-03-29 02:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-09 16:16 . 2013-03-06 18:33 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-05-09 16:16 . 2012-08-27 13:12 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-05-09 14:41 . 2012-08-18 18:34 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-05-03 12:35 . 2012-08-17 17:10 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-05-03 12:35 . 2012-08-17 17:10 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-03-31 16:51 . 2013-03-31 16:51 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-03-31 16:51 . 2013-03-31 16:51 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-03-31 16:51 . 2013-03-31 16:51 5773824 ----a-w- c:\windows\system32\mstscax.dll
2013-03-31 16:51 . 2013-03-31 16:51 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-03-31 16:51 . 2013-03-31 16:51 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-03-31 16:51 . 2013-03-31 16:51 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2013-03-31 16:51 . 2013-03-31 16:51 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-03-31 16:51 . 2013-03-31 16:51 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2013-03-31 16:51 . 2013-03-31 16:51 384000 ----a-w- c:\windows\system32\wksprt.exe
2013-03-31 16:51 . 2013-03-31 16:51 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-03-31 16:51 . 2013-03-31 16:51 322560 ----a-w- c:\windows\system32\aaclient.dll
2013-03-31 16:51 . 2013-03-31 16:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2013-03-31 16:51 . 2013-03-31 16:51 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2013-03-31 16:51 . 2013-03-31 16:51 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-03-31 16:51 . 2013-03-31 16:51 243200 ----a-w- c:\windows\system32\rdpudd.dll
2013-03-31 16:51 . 2013-03-31 16:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2013-03-31 16:51 . 2013-03-31 16:51 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-03-31 16:51 . 2013-03-31 16:51 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2013-03-31 16:51 . 2013-03-31 16:51 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2013-03-31 16:51 . 2013-03-31 16:51 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2013-03-31 16:51 . 2013-03-31 16:51 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-03-31 16:51 . 2013-03-31 16:51 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-03-31 16:51 . 2013-03-31 16:51 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-03-31 16:51 . 2013-03-31 16:51 1123840 ----a-w- c:\windows\system32\mstsc.exe
2013-03-31 16:51 . 2013-03-31 16:51 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2013-03-31 16:50 . 2013-03-31 16:50 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-03-31 16:50 . 2013-03-31 16:50 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-03-31 16:50 . 2013-03-31 16:50 340992 ----a-w- c:\windows\system32\schannel.dll
2013-03-31 16:50 . 2013-03-31 16:50 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-03-31 16:50 . 2013-03-31 16:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-03-31 16:50 . 2013-03-31 16:50 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-03-31 16:50 . 2013-03-31 16:50 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-03-31 16:50 . 2013-03-31 16:50 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-03-31 16:50 . 2013-03-31 16:50 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-03-25 10:47 . 2013-03-25 10:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-03-19 06:04 . 2013-04-10 07:10 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 07:10 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 07:10 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 07:10 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 07:10 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 07:10 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-15 05:53 . 2013-01-10 13:50 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-07-26 20:54 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2012-07-26 20:54 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2012-07-26 20:54 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 04:16 . 2012-07-26 20:55 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2012-07-26 20:55 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2012-07-26 20:55 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2012-07-26 20:55 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2012-07-26 20:55 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2012-07-26 20:55 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 20:07 . 2013-03-14 20:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:24 . 2012-07-26 20:55 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-06 23:33 . 2013-03-12 12:22 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2013-03-12 12:22 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2012-08-17 18:41 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-08-17 18:41 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2012-08-17 18:41 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-08-17 18:41 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2012-08-17 18:41 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2012-08-17 18:41 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2012-08-17 18:40 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-08-17 18:41 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-06 18:42 . 2012-08-18 18:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-03-01 03:36 . 2013-04-10 07:10 3153408 ----a-w- c:\windows\system32\win32k.sys
2012-07-12 08:28 . 2012-07-12 08:28 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D594333-0076-A76A-76A7-7A786E7484D7}]
2013-03-27 12:19 13448 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{890CA547-B66C-48BF-9663-DBE0BFDC7D0C}]
2013-02-14 13:45 271256 ----a-w- c:\program files (x86)\phpnuke\phpnuke\1.8.12.7\bh\phpnuke.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4D594333-0076-A76A-76A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" [2013-03-27 13448]
.
[HKEY_CLASSES_ROOT\clsid\{4d594333-0076-a76a-76a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-06-21 341360]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-04 291096]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2012-02-07 636520]
"avast"="d:\programy\Avast\avastUI.exe" [2013-03-06 4767304]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"KiesTrayAgent"="d:\programy\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 CLKMSVC10_80CF330A;CyberLink Product - 2012/07/26 14:15;c:\program files (x86)\Acer\clear.fi SDK20\Movie\NavFilter\kmsvc.exe [2012-04-18 242664]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 ArvoFltr;ROCCAT Arvo;c:\windows\system32\drivers\ArvoFltr.sys [2009-05-06 15872]
R3 aswVmm;aswVmm; [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe [2013-01-15 45056]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;d:\programy\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-08-10 150464]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-03-31 19456]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-03-31 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-03-31 30208]
R3 TunngleService;TunngleService;d:\programy\Tunngle\TnglCtrl.exe [2012-11-26 745368]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-18 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswRvrt;aswRvrt; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2011-12-04 16152]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-03-08 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-03-08 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-03-08 62776]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2011-11-22 78208]
S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-03-27 169096]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 AVerRECentral;AVerRECentral;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [2012-07-31 339456]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\hry\Smite\HiPatchService.exe [2012-10-09 8704]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-07-22 690472]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 TeamViewer8;TeamViewer 8;d:\programy\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2012-10-17 49152]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S3 AVer330;AVer330;c:\windows\system32\DRIVERS\AVer330.sys [2012-09-17 1431424]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-17 283200]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2011-12-04 355096]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2011-12-04 785688]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_80CF330A
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-08 07:56]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-266349663-400684417-2290147511-1000Core.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-17 16:51]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-266349663-400684417-2290147511-1000UA.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-17 16:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 133840 ----a-w- d:\programy\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-11-14 13353064]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-01-25 499608]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 123400]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=668083&p=
FF - ExtSQL: 2013-03-21 22:28; artur.dubovoy@gmail.com; c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\extensions\artur.dubovoy@gmail.com.xpi
FF - ExtSQL: 2013-03-27 13:20; toolbar_MYC3@apn.ask.com; c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\extensions\toolbar_MYC3@apn.ask.com.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Advanced SystemCare 5 - d:\programy\Advanced SystemCare 5\ASCTray.exe
Wow6432Node-HKU-Default-Run-Arvo - c:\program files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-OVERGROWTH - d:\hry\Overgrowth\uninstall.exe
AddRemove-Pid_is1 - d:\hry\Pid\unins000.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1 - c:\windows\AppPatch\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-266349663-400684417-2290147511-1003\*¬ =*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\programy\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\hasplms.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-05-15 12:03:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-15 10:03
.
Před spuštěním: Volných bajtů: 208 068 325 376
Po spuštění: Volných bajtů: 212 076 191 744
.
- - End Of File - - 2D85F0C1090BC3C0F8AA85DABAB90F7B
Re: Random opening of pages in the browser
So I only sat down at the PC now in the evening; after turning it off and on, the programs work normally again and everything can be launched
Re: Random opening of pages in the browser


- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
KillAll::

Folder::
c:\program files (x86)\AskPartnerNetwork

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D594333-0076-A76A-76A7-7A786E7484D7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4D594333-0076-A76A-76A7-7A786E7484D7}"=-
[-HKEY_CLASSES_ROOT\clsid\{4d594333-0076-a76a-76a7-7a786e7484d7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"=-
"BCSSync"=-
"SwitchBoard"=-
"AdobeCS5.5ServiceManager"=-
"Adobe ARM"=-
"KiesTrayAgent"=-
"SunJavaUpdateSched"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-

Driver::
APNMCP

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-266349663-400684417-2290147511-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-266349663-400684417-2290147511-1000UA.job

DDS::
uStart Page = hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc

Firefox::
FF - ProfilePath - c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =668083&p=
FF - ExtSQL: 2013-03-21 22:28; artur.dubovoy@gmail.com; c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\extensions\artur.dubovoy@gmail.com.xpi
FF - ExtSQL: 2013-03-27 13:20; toolbar_MYC3@apn.ask.com; c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\extensions\toolbar_MYC3@apn.ask.com.xpi

RegNull::
[HKEY_USERS\S-1-5-21-266349663-400684417-2290147511-1003\*¬ =*]

RegLock::
[HKEY_USERS\S-1-5-21-266349663-400684417-2290147511-1003\*¬ =*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::
- Save the created TXT file as CFScript.txt
- Drag the created CFScript.txt onto ComboFix and run it (see the picture below)
- After the script has been applied (and after a restart, if one occurs), a log will pop up; paste its contents here


Re: Random opening of pages in the browser
ComboFix 13-05-14.01 - Vašek 16.05.2013 10:51:49.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4045.2379 [GMT 2:00]
Spuštěný z: c:\users\VaÜek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\VaÜek\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\FIFA 13\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\FIFA 13\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
c:\users\Marek\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Marek\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-16 do 2013-05-16 )))))))))))))))))))))))))))))))
.
.
2013-05-16 08:58 . 2013-05-16 08:58 -------- d-----w- c:\users\Vaçek\AppData\Local\temp
2013-05-16 08:58 . 2013-05-16 08:58 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-05-16 08:58 . 2013-05-16 08:58 -------- d-----w- c:\users\Marek\AppData\Local\temp
2013-05-16 08:58 . 2013-05-16 08:58 -------- d-----w- c:\users\FIFA 13\AppData\Local\temp
2013-05-16 08:58 . 2013-05-16 08:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-14 09:21 . 2013-05-14 09:21 -------- d-----w- C:\rsit
2013-05-14 09:21 . 2013-05-14 09:21 -------- d-----w- c:\program files\trend micro
2013-05-11 08:00 . 2013-05-11 08:00 -------- d-----w- c:\users\Marek\AppData\Roaming\OpenArena
2013-05-10 21:26 . 2013-05-10 21:26 -------- d-----w- c:\users\Marek\AppData\Local\BridgeProject
2013-05-09 22:29 . 2013-05-09 22:29 -------- d-----w- c:\windows\Simple Shutdown Timer
2013-05-09 17:24 . 2013-05-09 17:24 -------- d-----w- c:\users\Marek\AppData\Local\Criterion Games
2013-05-08 12:53 . 2013-05-08 12:53 -------- d-----w- c:\users\Marek\AppData\Local\The Lord of the Rings Online
2013-05-08 12:49 . 2013-05-08 12:49 -------- d-----w- c:\users\Marek\AppData\Local\Turbine
2013-05-08 12:48 . 2013-05-08 13:01 -------- d-----w- c:\users\Marek\AppData\Local\ApplicationHistory
2013-05-05 17:10 . 2013-05-05 17:10 -------- d-----w- c:\users\Public\CyberLink
2013-05-04 17:04 . 2013-05-13 13:08 -------- d-----w- c:\users\Vašek\AppData\Local\Game Dev Tycoon
2013-05-03 12:35 . 2013-05-03 12:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-05-03 12:35 . 2013-05-03 12:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-03 12:35 . 2013-05-03 12:35 -------- d-----w- c:\program files (x86)\Java
2013-05-01 20:41 . 2013-05-01 20:41 -------- d-----w- c:\users\Vašek\AppData\Local\The Lord of the Rings Online
2013-05-01 19:59 . 2013-05-01 20:35 -------- d-----w- c:\users\Vašek\AppData\Local\Turbine
2013-05-01 19:59 . 2013-05-01 20:01 -------- d-----w- c:\users\Vašek\AppData\Local\ApplicationHistory
2013-05-01 17:45 . 2013-05-01 17:45 -------- d-----w- c:\users\Vašek\AppData\Local\SCE
2013-05-01 09:26 . 2013-05-01 09:26 -------- d-----w- c:\users\Vašek\AppData\Roaming\LOVE
2013-04-28 20:14 . 2013-02-04 16:44 312864 ----a-w- c:\windows\SysWow64\fmod_event.dll
2013-04-28 20:14 . 2013-02-04 16:44 804384 ----a-w- c:\windows\SysWow64\fmodex.dll
2013-04-28 06:56 . 2013-04-28 06:56 -------- d-----w- c:\users\Vašek\AppData\Roaming\Wargaming.net
2013-04-27 19:10 . 2013-04-27 19:11 -------- d-----w- c:\users\Vašek\AppData\Roaming\Braid
2013-04-27 06:40 . 2013-04-27 06:40 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-04-24 05:36 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 07:56 . 2012-03-08 07:00 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 07:56 . 2012-03-08 07:00 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 07:56 . 2013-03-13 19:56 17613192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-05-14 16:21 . 2011-03-29 02:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-09 16:16 . 2013-03-06 18:33 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-05-09 16:16 . 2012-08-27 13:12 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-05-09 14:41 . 2012-08-18 18:34 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-05-03 12:35 . 2012-08-17 17:10 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-05-03 12:35 . 2012-08-17 17:10 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-03-31 16:51 . 2013-03-31 16:51 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-03-31 16:51 . 2013-03-31 16:51 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-03-31 16:51 . 2013-03-31 16:51 5773824 ----a-w- c:\windows\system32\mstscax.dll
2013-03-31 16:51 . 2013-03-31 16:51 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-03-31 16:51 . 2013-03-31 16:51 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-03-31 16:51 . 2013-03-31 16:51 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2013-03-31 16:51 . 2013-03-31 16:51 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-03-31 16:51 . 2013-03-31 16:51 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2013-03-31 16:51 . 2013-03-31 16:51 384000 ----a-w- c:\windows\system32\wksprt.exe
2013-03-31 16:51 . 2013-03-31 16:51 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-03-31 16:51 . 2013-03-31 16:51 322560 ----a-w- c:\windows\system32\aaclient.dll
2013-03-31 16:51 . 2013-03-31 16:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2013-03-31 16:51 . 2013-03-31 16:51 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2013-03-31 16:51 . 2013-03-31 16:51 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-03-31 16:51 . 2013-03-31 16:51 243200 ----a-w- c:\windows\system32\rdpudd.dll
2013-03-31 16:51 . 2013-03-31 16:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2013-03-31 16:51 . 2013-03-31 16:51 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-03-31 16:51 . 2013-03-31 16:51 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2013-03-31 16:51 . 2013-03-31 16:51 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2013-03-31 16:51 . 2013-03-31 16:51 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2013-03-31 16:51 . 2013-03-31 16:51 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-03-31 16:51 . 2013-03-31 16:51 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-03-31 16:51 . 2013-03-31 16:51 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-03-31 16:51 . 2013-03-31 16:51 1123840 ----a-w- c:\windows\system32\mstsc.exe
2013-03-31 16:51 . 2013-03-31 16:51 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2013-03-31 16:50 . 2013-03-31 16:50 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-03-31 16:50 . 2013-03-31 16:50 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-03-31 16:50 . 2013-03-31 16:50 340992 ----a-w- c:\windows\system32\schannel.dll
2013-03-31 16:50 . 2013-03-31 16:50 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-03-31 16:50 . 2013-03-31 16:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-03-31 16:50 . 2013-03-31 16:50 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-03-31 16:50 . 2013-03-31 16:50 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-03-31 16:50 . 2013-03-31 16:50 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-03-31 16:50 . 2013-03-31 16:50 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-03-25 10:47 . 2013-03-25 10:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-03-19 06:04 . 2013-04-10 07:10 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 07:10 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 07:10 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 07:10 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 07:10 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 07:10 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-15 05:53 . 2013-01-10 13:50 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-07-26 20:54 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2012-07-26 20:54 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2012-07-26 20:54 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 04:16 . 2012-07-26 20:55 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2012-07-26 20:55 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2012-07-26 20:55 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2012-07-26 20:55 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2012-07-26 20:55 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2012-07-26 20:55 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 20:07 . 2013-03-14 20:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:24 . 2012-07-26 20:55 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-06 23:33 . 2013-03-12 12:22 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2013-03-12 12:22 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2012-08-17 18:41 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-08-17 18:41 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2012-08-17 18:41 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-08-17 18:41 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2012-08-17 18:41 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2012-08-17 18:41 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2012-08-17 18:40 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-08-17 18:41 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-06 18:42 . 2012-08-18 18:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-03-01 03:36 . 2013-04-10 07:10 3153408 ----a-w- c:\windows\system32\win32k.sys
2012-07-12 08:28 . 2012-07-12 08:28 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D594333-0076-A76A-76A7-7A786E7484D7}]
2013-03-27 12:19 13448 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{890CA547-B66C-48BF-9663-DBE0BFDC7D0C}]
2013-02-14 13:45 271256 ----a-w- c:\program files (x86)\phpnuke\phpnuke\1.8.12.7\bh\phpnuke.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4D594333-0076-A76A-76A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" [2013-03-27 13448]
.
[HKEY_CLASSES_ROOT\clsid\{4d594333-0076-a76a-76a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-06-21 341360]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-04 291096]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2012-02-07 636520]
"avast"="d:\programy\Avast\avastUI.exe" [2013-03-06 4767304]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"KiesTrayAgent"="d:\programy\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 CLKMSVC10_80CF330A;CyberLink Product - 2012/07/26 14:15;c:\program files (x86)\Acer\clear.fi SDK20\Movie\NavFilter\kmsvc.exe [2012-04-18 242664]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 ArvoFltr;ROCCAT Arvo;c:\windows\system32\drivers\ArvoFltr.sys [2009-05-06 15872]
R3 aswVmm;aswVmm; [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe [2013-01-15 45056]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;d:\programy\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-08-10 150464]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-03-31 19456]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-03-31 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-03-31 30208]
R3 TunngleService;TunngleService;d:\programy\Tunngle\TnglCtrl.exe [2012-11-26 745368]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-18 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswRvrt;aswRvrt; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2011-12-04 16152]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-03-08 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-03-08 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-03-08 62776]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2011-11-22 78208]
S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-03-27 169096]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 AVerRECentral;AVerRECentral;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [2012-07-31 339456]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-07-22 690472]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 TeamViewer8;TeamViewer 8;d:\programy\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2012-10-17 49152]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S3 AVer330;AVer330;c:\windows\system32\DRIVERS\AVer330.sys [2012-09-17 1431424]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-17 283200]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2011-12-04 355096]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2011-12-04 785688]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - CLKMDRV10_80CF330A
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-08 07:56]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-266349663-400684417-2290147511-1000Core.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-17 16:51]
.
2013-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-266349663-400684417-2290147511-1000UA.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-17 16:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 133840 ----a-w- d:\programy\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-11-14 13353064]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-01-25 499608]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 123400]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=668083&p=
FF - ExtSQL: 2013-03-21 22:28; artur.dubovoy@gmail.com; c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\extensions\artur.dubovoy@gmail.com.xpi
FF - ExtSQL: 2013-03-27 13:20; toolbar_MYC3@apn.ask.com; c:\users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\6o9aeeq5.default\extensions\toolbar_MYC3@apn.ask.com.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-OVERGROWTH - d:\hry\Overgrowth\uninstall.exe
AddRemove-Pid_is1 - d:\hry\Pid\unins000.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1 - c:\windows\AppPatch\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-266349663-400684417-2290147511-1003\*¬ =*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-05-16 11:00:13
ComboFix-quarantined-files.txt 2013-05-16 09:00
ComboFix2.txt 2013-05-15 10:03
.
Před spuštěním: Volných bajtů: 208 819 122 176
Po spuštění: Volných bajtů: 208 491 347 968
.
- - End Of File - - 952D886A2C384AA48090453A3E5F74EE
Re: Pages opening randomly in the browser


