Problém oprávnění

Zpráva

Corleon85 · #1 Příspěvek od **Corleon85** » 22 kvě 2013 18:25

Dobrý den,
prosím o pomoc. Asi před měsícem jsem měnil antivirový program, používal jsem BitDefender, ale jelikož mi končila licence, přešel jsem dočasně na ESET NOD32 6. Někdy v té době jsem také instaloval staženou hru Age of Empires HD. No a od té doby mám problém a sice nemůžu nic odinstalovat, nebo prostě smazat nějakou složku (příklad chci smazat složku umístěnou (C:)/Program Files (x86)/ Mafia2, pokud dám odstranit vyskočí mi hláška, že k provedení akce je nutné oprávnění, obraťte se prosím na Administrators, aby vám byla přidělena příslušná oprávnění, přitom já jsem přihlášen jako administrátor, nechápu, v čem je problém. No a pokud chci nějaký program odinstalovat například zmíněný, Age of Empires, nebo který jakýkoliv jiný tak mi to zas pokaždé hodí chybu "Error 5: přístup byl odepřen. Nemůžu nic odinstalovat, prostě NIC a pěkně mě to štve! Nemohl by za tím být nějaký červ, virus ? V těchto věcech se moc nevyznám

Za jakoukoli pomoc Děkuji.

Zde RSIT záznam

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lukáš at 2013-05-22 19:05:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 198 GB (21%) free of 953 GB
Total RAM: 4086 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:05:41, on 22.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
C:\Program Files (x86)\Razer\Arctosa\razerhid.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Age of Empires II HD\unins000.exe
C:\Program Files (x86)\Age of Empires II HD\unins000.exe
C:\Users\LUK~1\AppData\Local\Temp\_iu14D2N.tmp
C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Age of Empires II HD\unins000.exe
C:\Program Files (x86)\Age of Empires II HD\unins000.exe
C:\Users\LUK~1\AppData\Local\Temp\_iu14D2O.tmp
C:\Program Files\trend micro\Lukáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 127.85.55.178 poz1.rsts.cz #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 127.85.55.178 poz1 #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [2kadiras] 2kadiras.exe
O4 - HKLM\..\Run: [adiras] 2kadiras.exe
O4 - HKLM\..\Run: [Razer Imperator Driver] c:\program files (x86)\razer\imperator\razerimperatorsystray.exe
O4 - HKLM\..\Run: [Arctosa] c:\program files (x86)\razer\arctosa\razerhid.exe
O4 - HKLM\..\Run: [SwitchBoard] c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lukáš\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files (x86)\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UltiDev Cassini Web Server for ASP.NET 2.0 - UltiDev LLC - C:\Program Files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 13705 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe"
"C:\Program Files (x86)\x86\ekrn.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
WLIDSvcM.exe 1364
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\egui.exe" /hide /waitservice
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe"
"C:\Program Files (x86)\Razer\Arctosa\razerhid.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4008.0.698693516\1571623995" --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x05e2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1422 --ignored=" --type=renderer " /prefetch:12
taskeng.exe {C95247E3-D59C-4234-BF8E-77FCAE228328}
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose
"C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4008.16.1151546638\1356750373" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Windows\system32\wuauclt.exe"
"C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwnd16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_87/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="4008.29.1937932125\1946256568" /prefetch:3
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Age of Empires II HD\unins000.exe"
"C:\Program Files (x86)\Age of Empires II HD\unins000.exe" /INITPROCWND=$E046A
"C:\Users\LUK~1\AppData\Local\Temp\_iu14D2N.tmp" /SECONDPHASE="C:\Program Files (x86)\Age of Empires II HD\unins000.exe" /FIRSTPHASEWND=$D0384 /INITPROCWND=$E046A
"C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwnd16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_87/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="4008.42.1432715517\542279747" /prefetch:3
"C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwnd16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_87/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="4008.44.871027867\660342547" /prefetch:3
"C:\Users\Lukáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwnd16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_87/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="4008.46.976233097\757075688" /prefetch:3
"C:\Program Files (x86)\Age of Empires II HD\unins000.exe"
"C:\Program Files (x86)\Age of Empires II HD\unins000.exe" /INITPROCWND=$1E0316
"C:\Users\LUK~1\AppData\Local\Temp\_iu14D2O.tmp" /SECONDPHASE="C:\Program Files (x86)\Age of Empires II HD\unins000.exe" /FIRSTPHASEWND=$B03A6 /INITPROCWND=$1E0316
taskeng.exe {B7EB74EA-329A-48F1-92EF-96D2DD833212}
"C:\Users\Lukáš\Desktop\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-861332635-3556599228-1674643736-1002Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-861332635-3556599228-1674643736-1002UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "keyword.URL" - "http://search.sweetim.com/search.asp?ba ... 0.10012&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default\extensions\
info@djzig.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-18 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-08 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-08 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-03-27 12459112]
"egui"=C:\Program Files (x86)\egui.exe [2013-03-21 6330568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Google Update"=C:\Users\Lukáš\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-16 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Arctosa]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2013-01-08 3674320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Imperator Driver]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THGuard]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
[]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"2kadiras"=C:\Windows\2kadiras.exe [2003-08-20 32768]
"adiras"=C:\Windows\2kadiras.exe [2003-08-20 32768]
"Razer Imperator Driver"=c:\program files (x86)\razer\imperator\razerimperatorsystray.exe [2011-06-03 979360]
"Arctosa"=c:\program files (x86)\razer\arctosa\razerhid.exe [2008-10-06 147456]
"SwitchBoard"=c:\program files (x86)\common files\adobe\switchboard\switchboard.exe [2010-02-19 517096]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
""= []
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-06-16 259072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.XFR1"=xfcodec64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 2 months======

2013-05-22 18:07:36 ----D---- C:\Program Files\trend micro
2013-05-22 18:07:35 ----D---- C:\rsit
2013-05-21 21:31:25 ----A---- C:\Program Files (x86)\em028_64.dat
2013-05-15 23:03:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-15 23:03:39 ----A---- C:\Windows\system32\mshtml.dll
2013-05-15 20:07:03 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 20:07:03 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 20:07:03 ----A---- C:\Windows\system32\cdd.dll
2013-05-15 20:06:38 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 20:06:36 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-15 20:06:36 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 20:06:36 ----A---- C:\Windows\system32\authui.dll
2013-05-15 20:06:35 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-15 20:06:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-15 20:06:35 ----A---- C:\Windows\system32\consent.exe
2013-05-15 20:06:35 ----A---- C:\Windows\system32\appinfo.dll
2013-05-15 20:06:16 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 20:06:16 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-15 20:06:14 ----A---- C:\Windows\system32\win32k.sys
2013-05-05 16:03:17 ----D---- C:\Program Files (x86)\VS Revo Group
2013-05-04 14:11:06 ----D---- C:\Users\Lukáš\AppData\Roaming\Bioshock
2013-05-04 14:04:55 ----D---- C:\Program Files (x86)\BioShock
2013-05-03 20:19:42 ----A---- C:\Program Files (x86)\em024_32.dat
2013-05-03 20:19:42 ----A---- C:\Program Files (x86)\em023_32.dat
2013-05-03 20:19:41 ----A---- C:\Program Files (x86)\em022_32.dat
2013-05-03 20:19:41 ----A---- C:\Program Files (x86)\em019_32.dat
2013-05-03 20:19:41 ----A---- C:\Program Files (x86)\em018_64.dat
2013-05-03 20:19:41 ----A---- C:\Program Files (x86)\em018_32.dat
2013-05-03 20:19:41 ----A---- C:\Program Files (x86)\em017_64.dat
2013-05-03 20:19:40 ----A---- C:\Program Files (x86)\em017_32.dat
2013-05-03 20:19:39 ----A---- C:\Program Files (x86)\em015_64.dat
2013-05-03 20:19:39 ----A---- C:\Program Files (x86)\em015_32.dat
2013-05-03 20:19:39 ----A---- C:\Program Files (x86)\em009_64.dat
2013-05-03 20:19:39 ----A---- C:\Program Files (x86)\em009_32.dat
2013-05-03 20:19:38 ----A---- C:\Program Files (x86)\em006_64.dat
2013-05-03 20:19:38 ----A---- C:\Program Files (x86)\em006_32.dat
2013-05-03 20:19:38 ----A---- C:\Program Files (x86)\em005_32.dat
2013-05-03 20:19:38 ----A---- C:\Program Files (x86)\em004_32.dat
2013-05-03 20:19:37 ----A---- C:\Program Files (x86)\em003_32.dat
2013-05-03 20:19:37 ----A---- C:\Program Files (x86)\em002_32.dat
2013-05-03 20:19:30 ----A---- C:\Program Files (x86)\em001_32.dat
2013-05-03 20:19:29 ----A---- C:\Program Files (x86)\em000_64.dat
2013-05-03 20:19:29 ----A---- C:\Program Files (x86)\em000_32.dat
2013-05-03 20:18:29 ----D---- C:\Program Files (x86)\x86
2013-05-03 20:18:29 ----D---- C:\Program Files (x86)\Drivers
2013-05-03 20:18:28 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-05-03 20:18:25 ----D---- C:\ProgramData\ESET
2013-05-03 20:18:25 ----D---- C:\Program Files (x86)\License
2013-05-03 19:48:02 ----D---- C:\Program Files (x86)\Age of Empires II HD
2013-04-24 14:17:19 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-21 13:33:45 ----D---- C:\Users\Lukáš\AppData\Roaming\Milestone
2013-04-21 13:26:24 ----D---- C:\Program Files (x86)\WRC 3 World Rally Championship 2012
2013-04-14 10:33:09 ----D---- C:\ProgramData\VS Revo Group
2013-04-14 10:33:08 ----A---- C:\Windows\system32\drivers\revoflt.sys
2013-04-14 10:33:07 ----D---- C:\Program Files (x86)\Revo Uninstaller Pro
2013-04-14 00:41:03 ----A---- C:\Windows\wininit.ini
2013-04-13 23:54:59 ----A---- C:\Windows\system32\sdnclean64.exe
2013-04-13 23:54:54 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-04-12 19:46:09 ----D---- C:\ProgramData\SuperOvladac
2013-04-12 19:40:10 ----D---- C:\ProgramData\DriverGenius
2013-04-10 14:02:23 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-10 14:02:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 14:02:16 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-10 14:02:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 14:02:13 ----A---- C:\Windows\system32\smss.exe
2013-04-10 14:02:12 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-10 14:02:11 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-09 15:05:37 ----D---- C:\Users\Lukáš\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-04-09 14:54:51 ----D---- C:\Program Files (x86)\Warner Bros. Interactive Entertainment
2013-04-07 12:54:06 ----D---- C:\Program Files (x86)\FinalWire
2013-04-07 02:56:47 ----D---- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2013-04-07 02:56:36 ----D---- C:\ProgramData\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
2013-04-07 02:36:17 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-04-07 02:36:16 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-04-07 02:36:16 ----A---- C:\Windows\system32\UIAnimation.dll
2013-04-07 02:36:16 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-04-07 02:35:50 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-04-07 02:35:50 ----A---- C:\Windows\system32\WMPhoto.dll
2013-04-07 02:35:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-07 02:35:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-07 02:35:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-07 02:35:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-07 02:35:46 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-07 02:35:46 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-07 02:35:46 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-07 02:35:46 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-07 02:35:46 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-04-07 02:35:46 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-04-07 02:35:46 ----A---- C:\Windows\system32\d3d10warp.dll
2013-04-07 02:35:46 ----A---- C:\Windows\system32\d3d10_1.dll
2013-04-07 02:35:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-07 02:35:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-07 02:35:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-07 02:35:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-07 02:35:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-07 02:35:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-07 02:35:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-07 02:35:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-07 02:35:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-07 02:35:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-07 02:35:45 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-04-07 02:35:45 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-04-07 02:35:45 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-04-07 02:35:45 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-04-07 02:35:45 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-04-07 02:35:45 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-04-07 02:35:45 ----A---- C:\Windows\system32\dxgi.dll
2013-04-07 02:35:45 ----A---- C:\Windows\system32\d3d10level9.dll
2013-04-07 02:35:45 ----A---- C:\Windows\system32\d3d10core.dll
2013-04-07 02:35:44 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-04-07 02:35:44 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-04-07 02:35:44 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-04-07 02:35:44 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-04-07 02:35:44 ----A---- C:\Windows\system32\XpsPrint.dll
2013-04-07 02:35:44 ----A---- C:\Windows\system32\FntCache.dll
2013-04-07 02:35:44 ----A---- C:\Windows\system32\d3d11.dll
2013-04-07 02:35:44 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-04-07 02:35:44 ----A---- C:\Windows\system32\d3d10.dll
2013-04-07 02:35:43 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-04-07 02:35:43 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-04-07 02:35:43 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-04-07 02:35:43 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-04-07 02:35:43 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-04-07 02:35:43 ----A---- C:\Windows\system32\DWrite.dll
2013-04-07 02:35:43 ----A---- C:\Windows\system32\d2d1.dll
2013-04-07 02:05:46 ----A---- C:\Users\Lukáš\AppData\Roaming\Network Meter_Usage.ini
2013-04-07 02:05:27 ----A---- C:\Users\Lukáš\AppData\Roaming\Network Meter_Settings.ini
2013-04-07 01:50:29 ----A---- C:\Users\Lukáš\AppData\Roaming\GPU MeterV2_Settings.ini
2013-04-07 01:47:55 ----A---- C:\Users\Lukáš\AppData\Roaming\All CPU MeterV3_Settings.ini
2013-04-07 01:43:23 ----A---- C:\Users\Lukáš\AppData\Roaming\All CPU Meter_Settings.ini
2013-04-05 19:12:47 ----D---- C:\Program Files (x86)\Rockstar Games
2013-04-03 16:14:38 ----A---- C:\Program Files (x86)\ekrnUpdateLang.dll
2013-04-03 16:14:36 ----A---- C:\Program Files (x86)\eguiUpdateLang.dll
2013-04-03 16:14:28 ----A---- C:\Program Files (x86)\SysRescueLang.dll
2013-04-03 16:14:22 ----A---- C:\Program Files (x86)\SysInspectorLang.dll
2013-04-03 16:14:14 ----A---- C:\Program Files (x86)\ShellExtLang.dll
2013-04-03 16:13:40 ----A---- C:\Program Files (x86)\eplgTbLang.dll
2013-04-03 16:13:40 ----A---- C:\Program Files (x86)\eplgOutlookLang.dll
2013-04-03 16:13:40 ----A---- C:\Program Files (x86)\eplgOELang.dll
2013-04-03 16:13:38 ----A---- C:\Program Files (x86)\ekrnMailPluginsLang.dll
2013-04-03 16:13:38 ----A---- C:\Program Files (x86)\eguiMailPluginsLang.dll
2013-04-03 16:13:22 ----A---- C:\Program Files (x86)\ekrnHipsLang.dll
2013-04-03 16:13:20 ----A---- C:\Program Files (x86)\eguiHipsLang.dll
2013-04-03 16:12:28 ----A---- C:\Program Files (x86)\ekrnScanLang.dll
2013-04-03 16:12:28 ----A---- C:\Program Files (x86)\eguiScanLang.dll
2013-04-03 16:12:14 ----A---- C:\Program Files (x86)\ekrnEpfwLang.dll
2013-04-03 16:12:12 ----A---- C:\Program Files (x86)\eguiEpfwLang.dll
2013-04-03 16:11:50 ----A---- C:\Program Files (x86)\ekrnLang.dll
2013-04-03 16:11:42 ----A---- C:\Program Files (x86)\eguiLang.dll
2013-04-03 16:11:28 ----A---- C:\Program Files (x86)\eplgOutlookEmonLang.dll
2013-04-03 16:11:28 ----A---- C:\Program Files (x86)\eguiEmonLang.dll
2013-04-03 16:11:12 ----A---- C:\Program Files (x86)\ekrnDmonLang.dll
2013-04-03 16:11:12 ----A---- C:\Program Files (x86)\eguiDmonLang.dll
2013-04-03 16:11:04 ----A---- C:\Program Files (x86)\eclsLang.dll
2013-04-03 16:10:56 ----A---- C:\Program Files (x86)\eguiAmonLang.dll
2013-03-28 19:35:14 ----D---- C:\Program Files (x86)\MSI Afterburner
2013-03-28 15:25:17 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-03-28 15:25:17 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-03-28 15:25:17 ----A---- C:\Windows\system32\nvopencl.dll
2013-03-28 15:25:17 ----A---- C:\Windows\system32\nvoglv64.dll
2013-03-28 15:25:17 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-03-28 15:25:16 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-03-28 15:25:16 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-03-28 15:25:16 ----A---- C:\Windows\system32\nvdispgenco6431422.dll
2013-03-28 15:25:16 ----A---- C:\Windows\system32\nvdispco6431422.dll
2013-03-28 15:25:16 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-03-28 15:25:16 ----A---- C:\Windows\system32\nvcuvid.dll
2013-03-28 15:25:16 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-03-28 15:25:16 ----A---- C:\Windows\system32\nvcuda.dll
2013-03-28 15:25:15 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-03-28 15:25:15 ----A---- C:\Windows\system32\nvcompiler.dll
2013-03-28 15:09:31 ----D---- C:\Program Files (x86)\GPU-Z
2013-03-28 14:28:35 ----D---- C:\Program Files (x86)\Unigine
2013-03-26 18:01:05 ----D---- C:\Program Files (x86)\Dead Space 3
2013-03-26 15:04:15 ----A---- C:\Windows\system32\drivers\usb8023x.sys
2013-03-26 15:04:15 ----A---- C:\Windows\system32\drivers\usb8023.sys

======List of files/folders modified in the last 2 months======

2013-05-22 19:05:38 ----D---- C:\Windows\Temp
2013-05-22 18:53:00 ----D---- C:\Program Files (x86)\Google
2013-05-22 18:13:39 ----D---- C:\Windows\Prefetch
2013-05-22 18:13:33 ----D---- C:\Windows\system32\config
2013-05-22 18:07:36 ----RD---- C:\Program Files
2013-05-22 18:02:15 ----SHD---- C:\Windows\Installer
2013-05-22 18:02:15 ----SHD---- C:\Config.Msi
2013-05-22 18:02:15 ----D---- C:\ProgramData\Microsoft Help
2013-05-22 18:00:57 ----SHD---- C:\System Volume Information
2013-05-21 21:52:40 ----D---- C:\Users\Lukáš\AppData\Roaming\uTorrent
2013-05-21 21:31:25 ----D---- C:\Program Files (x86)
2013-05-17 12:50:39 ----D---- C:\Windows\system32\catroot2
2013-05-16 15:01:13 ----D---- C:\Windows\rescache
2013-05-16 14:42:31 ----D---- C:\Windows\Microsoft.NET
2013-05-16 14:42:12 ----RSD---- C:\Windows\assembly
2013-05-15 23:12:51 ----D---- C:\Windows\winsxs
2013-05-15 23:10:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-05-15 23:10:05 ----D---- C:\Windows\SysWOW64
2013-05-15 23:10:05 ----D---- C:\Windows\system32\drivers
2013-05-15 23:10:05 ----D---- C:\Windows\system32\cs-CZ
2013-05-15 23:10:05 ----D---- C:\Windows\AppPatch
2013-05-15 23:10:05 ----AD---- C:\Windows\System32
2013-05-15 23:04:01 ----A---- C:\Windows\system32\MRT.exe
2013-05-15 23:03:48 ----D---- C:\Windows\system32\catroot
2013-05-15 22:24:24 ----D---- C:\Users\Lukáš\AppData\Roaming\Skype
2013-05-15 20:01:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-15 20:00:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-15 20:00:10 ----D---- C:\Windows\inf
2013-05-10 19:10:33 ----D---- C:\Windows
2013-05-10 17:25:46 ----D---- C:\ProgramData\Sony Corporation
2013-05-10 17:11:44 ----D---- C:\Windows\system32\Tasks
2013-05-10 17:07:26 ----SD---- C:\ProgramData\Microsoft
2013-05-06 13:43:10 ----D---- C:\Users\Lukáš\AppData\Roaming\DAEMON Tools Lite
2013-05-05 17:11:50 ----D---- C:\Users\Lukáš\AppData\Roaming\Solveig Multimedia
2013-05-05 16:42:41 ----D---- C:\Program Files\Common Files
2013-05-04 14:35:48 ----D---- C:\Windows\SYSWOW64\directx
2013-05-04 14:35:42 ----HD---- C:\Windows\msdownld.tmp
2013-05-04 12:28:35 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-05-03 22:07:42 ----D---- C:\ProgramData\ZalmanInstaller_otshot
2013-05-03 20:26:48 ----HD---- C:\ProgramData
2013-05-03 20:25:37 ----A---- C:\bdlog.txt
2013-05-03 20:20:51 ----D---- C:\Windows\system32\drivers\etc
2013-05-03 20:19:50 ----D---- C:\Windows\system32\DriverStore
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-23 16:04:51 ----D---- C:\ProgramData\Skype
2013-04-23 16:04:48 ----RD---- C:\Program Files (x86)\Skype
2013-04-23 16:04:48 ----D---- C:\Program Files (x86)\Common Files
2013-04-22 14:16:27 ----D---- C:\Program Files (x86)\uTorrent
2013-04-16 14:05:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-15 16:08:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-14 10:53:57 ----D---- C:\Program Files (x86)\CCleaner
2013-04-14 10:43:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-14 00:43:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-14 00:02:47 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2013-04-13 15:28:22 ----D---- C:\Program Files (x86)\CAPCOM
2013-04-12 19:41:37 ----D---- C:\Windows\SYSWOW64\drivers
2013-04-11 14:20:20 ----D---- C:\ProgramData\Adobe
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\it-IT
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\es-ES
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\el-GR
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\de-DE
2013-04-07 03:07:37 ----D---- C:\Windows\SYSWOW64\da-DK
2013-04-07 03:07:36 ----D---- C:\Windows\system32\zh-TW
2013-04-07 03:07:36 ----D---- C:\Windows\system32\zh-HK
2013-04-07 03:07:36 ----D---- C:\Windows\system32\zh-CN
2013-04-07 03:07:36 ----D---- C:\Windows\system32\tr-TR
2013-04-07 03:07:36 ----D---- C:\Windows\system32\sv-SE
2013-04-07 03:07:36 ----D---- C:\Windows\system32\ru-RU
2013-04-07 03:07:36 ----D---- C:\Windows\system32\pt-PT
2013-04-07 03:07:36 ----D---- C:\Windows\system32\pt-BR
2013-04-07 03:07:36 ----D---- C:\Windows\system32\pl-PL
2013-04-07 03:07:36 ----D---- C:\Windows\system32\nl-NL
2013-04-07 03:07:36 ----D---- C:\Windows\system32\nb-NO
2013-04-07 03:07:36 ----D---- C:\Windows\system32\ko-KR
2013-04-07 03:07:36 ----D---- C:\Windows\system32\ja-JP
2013-04-07 03:07:36 ----D---- C:\Windows\system32\it-IT
2013-04-07 03:07:36 ----D---- C:\Windows\system32\hu-HU
2013-04-07 03:07:36 ----D---- C:\Windows\system32\fr-FR
2013-04-07 03:07:36 ----D---- C:\Windows\system32\fi-FI
2013-04-07 03:07:36 ----D---- C:\Windows\system32\es-ES
2013-04-07 03:07:36 ----D---- C:\Windows\system32\en-US
2013-04-07 03:07:36 ----D---- C:\Windows\system32\el-GR
2013-04-07 03:07:36 ----D---- C:\Windows\system32\de-DE
2013-04-07 03:07:36 ----D---- C:\Windows\system32\da-DK
2013-04-07 02:56:27 ----D---- C:\Program Files (x86)\IObit
2013-04-06 15:20:35 ----D---- C:\Windows\system32\wbem
2013-04-06 15:19:34 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-04-06 15:19:34 ----D---- C:\Program Files (x86)\Origin
2013-04-06 15:19:33 ----D---- C:\Windows\AppCompat
2013-04-06 15:19:33 ----D---- C:\ProgramData\Origin
2013-04-06 15:19:31 ----D---- C:\Windows\Tasks
2013-04-06 15:19:31 ----D---- C:\Windows\registration
2013-03-29 19:56:45 ----D---- C:\Program Files (x86)\Drakensang Online
2013-03-28 15:28:28 ----D---- C:\Temp
2013-03-28 15:28:18 ----D---- C:\ProgramData\NVIDIA
2013-03-28 15:26:37 ----D---- C:\Program Files\NVIDIA Corporation
2013-03-28 15:25:37 ----D---- C:\Program Files (x86)\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 14192]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-01-12 106360]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-19 564824]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-19 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-14 213416]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 150616]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-05-18 314016]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-01-10 139768]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 120320]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-05-18 43680]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2012-02-02 509104]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-03-27 4015592]
R3 PdiPorts;Portrait Displays low level device driver; C:\Windows\system32\DRIVERS\PdiPorts.sys [2009-12-17 20592]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 34032]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 77688]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2006-07-10 22936]
S3 EagleX64;EagleX64; C:\Windows\system32\drivers\EagleX64.sys []
S3 EfiVariable;Efi Variable Service; \??\C:\Windows\SysWOW64\Drivers\variable64.sys [2010-10-28 18200]
S3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-07-07 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-07-07 27760]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-16 6112672]
S3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 27648]
S3 LVcKap64;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap64.sys [2007-03-06 1029024]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2496928]
S3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2007-03-06 58400]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-02 4682]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2007-03-06 468000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-25 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-02 187392]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\Windows\system32\DRIVERS\s3017bus.sys [2007-12-10 109096]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 19496]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 146984]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 130600]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\Windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 34344]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s3017obex.sys [2007-12-10 125480]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\Windows\system32\DRIVERS\s3017unic.sys [2007-12-10 144936]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-10-25 57856]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinRing0_1_2_0;WinRing0_1_2_0; C:\Windows\system32\drivers\WinRing0_1_2_0.sys []
S3 WinUsb;Razer WinUSB; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 IObitUnlocker;IObitUnlocker; \??\C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 35256]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-01-28 80496]
R2 ekrn;ESET Service; C:\Program Files (x86)\x86\ekrn.exe [2013-03-21 1341664]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2011-11-09 189608]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-12-17 109168]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-14 76888]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2011-08-09 741224]
R2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0; C:\Program Files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2010-08-09 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-24 136176]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 173344]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-24 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-08-07 3804120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-02 529744]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#2 Příspěvek od **stell** » 22 kvě 2013 18:39

Zdravim
Vsetko ,vsetky programy spustaj >> pravým tlačidlom myši a vyberte Spustiť ako administrátor.
1:Stiahnite OTL
http://oldtimer.geekstogo.com/OTL.exe
na plochu
pravy klik a Spust ako Spravca, potom do spodného políčka vlož nasledujuci skript.

Kód: Vybrat vše

:Commands
[resethosts]
[emptytemp]
[clearallrestorepoints]
[Reboot]

Označte položku
Pre všetkých užívateľov.
Kliknite na tlačidlo OPRAVIT
Po dokončení, sem vložte log.

2:Stiahnut na plochu a spustit ako admin
http://download.bleepingcomputer.com/grinler/rkill.com
Log Vloz sem.

3:Stiahnuť RogueKiller na plochu.
Pre 32 alebo 64 bit
http://www.viruskasino.com/2010/12/prog ... ogueKiller
Spustit ako admin, das prehladat >>potom ,ZMAZAT, log vloz sem.

4:spust podla navodu ADWcleanet>>Moznost>>DELETE
http://www.viruskasino.com/2012/09/adwcleaner.html
Log Vloz sem.

5:Spust ako Spravca JunkwareRemovalool.
http://www.viruskasino.com/2010/12/prog ... moval-tool
Log Vloz sem.

Corleon85 · #3 Příspěvek od **Corleon85** » 22 kvě 2013 18:57

Teď by to mělo být v pořádku

#4 Příspěvek od **stell** » 22 kvě 2013 19:00

Ano ted je to ok, ale neopravuj svoje prispevky, ale stale davaj, ako novy prispevok,ok?

stell píše:Zdravim
Vsetko ,vsetky programy spustaj >> pravým tlačidlom myši a vyberte Spustiť ako administrátor.
1:Stiahnite OTL
http://oldtimer.geekstogo.com/OTL.exe
na plochu
pravy klik a Spust ako Spravca, potom do spodného políčka vlož nasledujuci skript.
Kód: Vybrat vše
:Commands
[resethosts]
[emptytemp]
[clearallrestorepoints]
[Reboot]
Označte položku
Pre všetkých užívateľov.
Kliknite na tlačidlo OPRAVIT
Po dokončení, sem vložte log.

2:Stiahnut na plochu a spustit ako admin
http://download.bleepingcomputer.com/grinler/rkill.com
Log Vloz sem.

3:Stiahnuť RogueKiller na plochu.
Pre 32 alebo 64 bit
http://www.viruskasino.com/2010/12/prog ... ogueKiller
Spustit ako admin, das prehladat >>potom ,ZMAZAT, log vloz sem.

4:spust podla navodu ADWcleanet>>Moznost>>DELETE
http://www.viruskasino.com/2012/09/adwcleaner.html
Log Vloz sem.

5:Spust ako Spravca JunkwareRemovalool.
http://www.viruskasino.com/2010/12/prog ... moval-tool
Log Vloz sem.

Corleon85 · #5 Příspěvek od **Corleon85** » 22 kvě 2013 19:22

Takže bod 1

All processes killed
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Luká

User: Lukáš
->Temp folder emptied: 172106 bytes
->Temporary Internet Files folder emptied: 124764 bytes
->Java cache emptied: 72654781 bytes
->FireFox cache emptied: 106081469 bytes
->Google Chrome cache emptied: 413838280 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 541 bytes

User: Lukáš.Lukáš-PC
->Temp folder emptied: 41593 bytes
->Temporary Internet Files folder emptied: 2197896 bytes
->FireFox cache emptied: 15856602 bytes
->Flash cache emptied: 830 bytes

User: LukĂˇĹˇ

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 401408 bytes
%systemroot%\System32 .tmp files removed: 23729376 bytes
%systemroot%\System32 (64bit) .tmp files removed: 40213264 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 80569195 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68130 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 736 bytes
RecycleBin emptied: 731136 bytes

Total Files Cleaned = 722,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 05222013_200848

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Corleon85 · #6 Příspěvek od **Corleon85** » 22 kvě 2013 19:23

bod 2

Rkill 2.4.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/22/2013 08:21:20 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

ÿþ1 2 7 . 0 . 0 . 1 l o c a l h o s t

: : 1 l o c a l h o s t

Program finished at: 05/22/2013 08:21:25 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)

Corleon85 · #7 Příspěvek od **Corleon85** » 22 kvě 2013 19:33

bod 3

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Lukáš [Práva správce]
Mód : Kontrola -- Datum : 05/22/2013 20:26:57
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 25 ¤¤¤
[TASK][SUSP PATH] {227B2BCD-77ED-444C-8027-E2D994D47EBB} : C:\Users\Lukáš\Desktop\Command & Conquer Red Alert\_SETUP.EXE [x] -> NALEZENO
[TASK][SUSP PATH] {30FF4281-7515-439B-834D-2E73951C2C44} : C:\Users\Lukáš\Desktop\MediEvil_j89.exe [x] -> NALEZENO
[TASK][SUSP PATH] {354255B9-E504-46AD-962D-A1A38E657218} : C:\Users\Lukáš\Desktop\redalerd iso\REDALERT\SETUP.EXE [x] -> NALEZENO
[TASK][SUSP PATH] {90D578A4-D235-425A-BD14-CD52A5377B19} : C:\Users\Lukáš\Desktop\prototype\Prototype\prototypef.exe [x] -> NALEZENO
[TASK][SUSP PATH] {AAFE1C6A-85CE-4A0B-891F-E317E8A0A520} : C:\Users\Lukáš\Desktop\SEMM FNV\Fallout New Vegas\FalloutNVLauncher.exe [x] -> NALEZENO
[TASK][SUSP PATH] {C2A154F6-B73E-459A-8B3A-0CA7610C35FC} : C:\Users\Lukáš\Desktop\SHARM (autohypnóza a relaxační stroj)\SHARM 2.6.exe [x] -> NALEZENO
[TASK][SUSP PATH] {CA701E60-09F0-48ED-BC55-4E5AACA34E7D} : C:\Users\Lukáš\Desktop\redalerd iso\REDALERT\SETUP.EXE [x] -> NALEZENO
[TASK][SUSP PATH] {D5F6423E-EC44-42E3-BD59-F40764149CCC} : C:\Users\Lukáš\Desktop\SEMM FNV\Fallout New Vegas\FalloutNVLauncher.exe [x] -> NALEZENO
[TASK][SUSP PATH] {E6A619EC-3EB8-4F02-A760-94B34B6C6186} : C:\Users\Lukáš\Desktop\redalerd iso\REDALERT\SETUP.EXE [x] -> NALEZENO
[TASK][SUSP PATH] {F2623AFD-C6C9-4CA1-9662-8329FF237BD3} : C:\Users\Lukáš\Desktop\Diablo\HYBRID.EXE [x] -> NALEZENO
[TASK][SUSP PATH] {F8C7FED0-8D6B-421B-BDE5-CD605A9EED38} : C:\Users\Lukáš\Desktop\DTLite4355-0068.exe [x] -> NALEZENO
[TASK][SUSP PATH] {FD7043B0-4A40-4C6C-AE73-E80508DC6AFE} : C:\Users\Lukáš\Desktop\Diablo\HYBRID.EXE [x] -> NALEZENO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[SCREENSV][SUSP PATH] HKCU\[...]\Desktop (C:\Windows\WLXPGSS.SCR) [7] -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADS-00P8B0 ATA Device +++++
--- User ---
[MBR] 3c3cbc3d67ddcb73d514f69d6e1e8620
[BSP] f902dfc7c3afafef1a1cb0f6758e0eac : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 539 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1105920 | Size: 953328 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_05222013_02d2026.txt >>
RKreport[1]_S_05222013_02d2026.txt

Corleon85 · #8 Příspěvek od **Corleon85** » 22 kvě 2013 19:43

bod 4

# AdwCleaner v2.301 - Log vytvooen 22/05/2013 v 20:36:54
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Lukáš - LUKÁŠ-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Lukáš\Desktop\adwcleaner.exe
# Volba [Vymazat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Vymazáno : C:\ProgramData\ClickPotatoLiteSA
Složka Vymazáno : C:\ProgramData\InstallMate
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clickpotato
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
Složka Vymazáno : C:\ProgramData\Tarma Installer
Složka Vymazáno : C:\Users\Lukáš\AppData\Local\APN
Složka Vymazáno : C:\Users\Lukáš\AppData\Local\AVG Security Toolbar
Složka Vymazáno : C:\Users\Lukáš\AppData\Local\Conduit
Složka Vymazáno : C:\Users\Lukáš\AppData\Local\PackageAware
Složka Vymazáno : C:\Users\Lukáš\AppData\LocalLow\AskToolbar
Složka Vymazáno : C:\Users\Lukáš\AppData\LocalLow\AVG Security Toolbar
Složka Vymazáno : C:\Users\Lukáš\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\Lukáš\AppData\LocalLow\Search Settings
Složka Vymazáno : C:\Users\Lukáš\AppData\LocalLow\ShopperReports3
Složka Vymazáno : C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default\ConduitCommon
Složka Vymazáno : C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default\jetpack
Složka Vymazáno : C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default\SweetPacksToolbarData
Složka Vymazáno : C:\Users\Lukáš\AppData\Roaming\ShopperReports3
Soubor Vymazáno : C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Soubor Vymazáno : C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default\extensions\OneClickDownload@OneClickDownload.com.xpi
Vymazáno poi restartu : C:\Program Files (x86)\1ClickDownload
Vymazáno poi restartu : C:\Program Files (x86)\clickpotatolite
Vymazáno poi restartu : C:\Program Files (x86)\Conduit
Vymazáno poi restartu : C:\Program Files (x86)\DAEMON Tools Toolbar
Vymazáno poi restartu : C:\Program Files (x86)\IObit Apps Toolbar
Vymazáno poi restartu : C:\Program Files (x86)\ShopperReports3
Vymazáno poi restartu : C:\Program Files (x86)\Zynga

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ClickPotatoLite@ClickPotatoLite.com]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ShopperReports@ShopperReports.com]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Klíe Vymazáno : HKCU\Software\1ClickDownload
Klíe Vymazáno : HKCU\Software\AppDataLow\AskToolbarInfo
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\AskToolbar
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Search Settings
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\ShopperReports3
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\Ask.com
Klíe Vymazáno : HKCU\Software\AVG Security Toolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Search Settings
Klíe Vymazáno : HKCU\Software\ShopperReports3
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Vymazáno : HKLM\Software\Application Updater
Klíe Vymazáno : HKLM\Software\AVG Security Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{D2083641-E57F-4EAB-BB85-0582424F4A29}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\BRNstIE.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\MenuButtonIE.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\Pltfrm.DLL
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
Klíe Vymazáno : HKLM\Software\ClickPotatoLite
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\Iminent
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}
Klíe Vymazáno : HKLM\Software\Search Settings
Klíe Vymazáno : HKLM\Software\ShopperReports3
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Klíe Vymazáno : HKLM\SOFTWARE\Tarma Installer

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16446

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default\prefs.js

C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default\user.js ... Vymazáno !

Vymazáno : user_pref("CT3072253..clientLogIsEnabled", false);
Vymazáno : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Vymazáno : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Vymazáno : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Vymazáno : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Vymazáno : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Vymazáno : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Vymazáno : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Vymazáno : user_pref("CT3072253.CTID", "CT3072253");
Vymazáno : user_pref("CT3072253.CurrentServerDate", "17-6-2012");
Vymazáno : user_pref("CT3072253.DSInstall", false);
Vymazáno : user_pref("CT3072253.DialogsAlignMode", "LTR");
Vymazáno : user_pref("CT3072253.DialogsGetterLastCheckTime", "Sun Jun 17 2012 01:12:56 GMT+0200");
Vymazáno : user_pref("CT3072253.DownloadReferralCookieData", "");
Vymazáno : user_pref("CT3072253.FirstServerDate", "18-5-2012");
Vymazáno : user_pref("CT3072253.FirstTime", true);
Vymazáno : user_pref("CT3072253.FirstTimeFF3", true);
Vymazáno : user_pref("CT3072253.FixPageNotFoundErrors", true);
Vymazáno : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Vymazáno : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Vymazáno : user_pref("CT3072253.HPInstall", false);
Vymazáno : user_pref("CT3072253.HasUserGlobalKeys", true);
Vymazáno : user_pref("CT3072253.Initialize", true);
Vymazáno : user_pref("CT3072253.InitializeCommonPrefs", true);
Vymazáno : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Vymazáno : user_pref("CT3072253.InstallationId", "fftFB11.tmp.exe");
Vymazáno : user_pref("CT3072253.InstallationType", "XPE");
Vymazáno : user_pref("CT3072253.InstalledDate", "Fri May 18 2012 15:52:05 GMT+0200");
Vymazáno : user_pref("CT3072253.IsGrouping", false);
Vymazáno : user_pref("CT3072253.IsInitSetupIni", true);
Vymazáno : user_pref("CT3072253.IsMulticommunity", false);
Vymazáno : user_pref("CT3072253.IsOpenThankYouPage", true);
Vymazáno : user_pref("CT3072253.IsOpenUninstallPage", false);
Vymazáno : user_pref("CT3072253.LanguagePackLastCheckTime", "Sun Jun 17 2012 01:12:56 GMT+0200");
Vymazáno : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Vymazáno : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Vymazáno : user_pref("CT3072253.LastLogin_3.12.0.8", "Fri May 18 2012 15:53:21 GMT+0200");
Vymazáno : user_pref("CT3072253.LastLogin_3.12.2.3", "Wed May 30 2012 23:30:24 GMT+0200");
Vymazáno : user_pref("CT3072253.LastLogin_3.13.0.6", "Sun Jun 17 2012 21:51:06 GMT+0200");
Vymazáno : user_pref("CT3072253.LatestVersion", "3.13.0.6");
Vymazáno : user_pref("CT3072253.Locale", "en");
Vymazáno : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Vymazáno : user_pref("CT3072253.MCDetectTooltipShow", false);
Vymazáno : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Vymazáno : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Vymazáno : user_pref("CT3072253.MyStuffEnabledAtInstallation", false);
Vymazáno : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Vymazáno : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Vymazáno : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Vymazáno : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Vymazáno : user_pref("CT3072253.SearchInNewTabEnabled", true);
Vymazáno : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Vymazáno : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Sun Jun 17 2012 01:12:56 GMT+0200");
Vymazáno : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Vymazáno : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Vymazáno : user_pref("CT3072253.ServiceMapLastCheckTime", "Sun Jun 17 2012 01:12:56 GMT+0200");
Vymazáno : user_pref("CT3072253.SettingsLastCheckTime", "Sun Jun 17 2012 21:51:05 GMT+0200");
Vymazáno : user_pref("CT3072253.SettingsLastUpdate", "1339665152");
Vymazáno : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Vymazáno : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Vymazáno : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Fri May 18 2012 15:52:04 GMT+0200");
Vymazáno : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
Vymazáno : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Vymazáno : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Vymazáno : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Vymazáno : user_pref("CT3072253.UserID", "UN47140535356858504");
Vymazáno : user_pref("CT3072253.alertChannelId", "1463702");
Vymazáno : user_pref("CT3072253.approveUntrustedApps", true);
Vymazáno : user_pref("CT3072253.autoDisableScopes", -1);
Vymazáno : user_pref("CT3072253.backendstorage.cbcountry_000", "435A");
Vymazáno : user_pref("CT3072253.backendstorage.cbfirsttime", "467269204D617920313820323031322031353A35323A30382[...]
Vymazáno : user_pref("CT3072253.components.129573915102477663", false);
Vymazáno : user_pref("CT3072253.components.129593762370823811", false);
Vymazáno : user_pref("CT3072253.components.129749445881800338", false);
Vymazáno : user_pref("CT3072253.components.129805375651312503", false);
Vymazáno : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Vymazáno : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Fri May 18 2012 15:52:05 GMT+0200");
Vymazáno : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Vymazáno : user_pref("CT3072253.initDone", true);
Vymazáno : user_pref("CT3072253.isAppTrackingManagerOn", true);
Vymazáno : user_pref("CT3072253.myStuffEnabled", true);
Vymazáno : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Vymazáno : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Vymazáno : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Vymazáno : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Vymazáno : user_pref("CT3072253.navigateToUrlOnSearch", false);
Vymazáno : user_pref("CT3072253.revertSettingsEnabled", true);
Vymazáno : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Vymazáno : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Vymazáno : user_pref("CT3072253.testingCtid", "");
Vymazáno : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Sun Jun 17 2012 01:12:56 GMT+0200");
Vymazáno : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Fri May 18 2012 15:52:06 GMT+0200");
Vymazáno : user_pref("CT3072253.usagesFlag", 2);
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"21b[...]
Vymazáno : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Lukáa\\AppData\\Roaming\\Mozilla\\F[...]
Vymazáno : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
Vymazáno : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?AF=111253&bab[...]
Vymazáno : user_pref("CommunityToolbar.ToolbarsList", "CT3072253");
Vymazáno : user_pref("CommunityToolbar.ToolbarsList2", "CT3072253");
Vymazáno : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
Vymazáno : user_pref("CommunityToolbar.globalUserId", "ce9082f5-4718-413f-b7da-5b191b337844");
Vymazáno : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Vymazáno : user_pref("CommunityToolbar.originalHomepage", "seznam.cz");
Vymazáno : user_pref("CommunityToolbar.originalSearchEngine", "Search the web (Babylon)");
Vymazáno : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\12.2.5.32");
Vymazáno : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Vymazáno : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Vymazáno : user_pref("browser.search.defaultenginename", "SweetIM Search");
Vymazáno : user_pref("browser.search.order.1", "Search the web (Babylon)");
Vymazáno : user_pref("browser.search.selectedEngine", "SweetIM Search");
Vymazáno : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Vymazáno : user_pref("extensions.BabylonToolbar_i.babExt", "");
Vymazáno : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111253");
Vymazáno : user_pref("extensions.BabylonToolbar_i.hardId", "5466569000000000000000ff7ef51f46");
Vymazáno : user_pref("extensions.BabylonToolbar_i.id", "5466569000000000000000ff7ef51f46");
Vymazáno : user_pref("extensions.BabylonToolbar_i.instlDay", "15407");
Vymazáno : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Vymazáno : user_pref("extensions.BabylonToolbar_i.newTab", true);
Vymazáno : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=111253&babsrc=NT_s[...]
Vymazáno : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Vymazáno : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Vymazáno : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Vymazáno : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Vymazáno : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Vymazáno : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Vymazáno : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1721:54:06");
Vymazáno : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Vymazáno : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={E43CB882-3651-11E2-BBA4-00270E[...]
Vymazáno : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Vymazáno : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Vymazáno : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1368885748625");
Vymazáno : user_pref("sweetim.toolbar.Visibility.enable", "true");
Vymazáno : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Vymazáno : user_pref("sweetim.toolbar.cargo", "3.1010000.10012");
Vymazáno : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Vymazáno : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Vymazáno : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Vymazáno : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Vymazáno : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Vymazáno : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Vymazáno : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Vymazáno : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Vymazáno : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Vymazáno : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Vymazáno : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Vymazáno : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Vymazáno : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Vymazáno : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Vymazáno : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Vymazáno : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Vymazáno : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Vymazáno : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Vymazáno : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Vymazáno : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Vymazáno : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Vymazáno : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Vymazáno : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Vymazáno : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Vymazáno : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Vymazáno : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Vymazáno : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Vymazáno : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Vymazáno : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Vymazáno : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Vymazáno : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Vymazáno : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Vymazáno : user_pref("sweetim.toolbar.mode.debug", "false");
Vymazáno : user_pref("sweetim.toolbar.newtab.created", "false");
Vymazáno : user_pref("sweetim.toolbar.newtab.enable", "true");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Search the web (Babylon)");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.seznam.cz/");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Vymazáno : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... on=$ITEM_V[...]
Vymazáno : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Vymazáno : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Vymazáno : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Vymazáno : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Vymazáno : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Vymazáno : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Vymazáno : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.callback", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.predictad.com/scripts/publishers/sweetim/pre[...]
Vymazáno : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "true");
Vymazáno : user_pref("sweetim.toolbar.scripts.2.callback", "simVerification");
Vymazáno : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Vymazáno : user_pref("sweetim.toolbar.scripts.2.elementid", "id_script_sim_fb");
Vymazáno : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Vymazáno : user_pref("sweetim.toolbar.scripts.2.id", "id_script_fb_hxxpS");
Vymazáno : user_pref("sweetim.toolbar.scripts.2.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Vymazáno : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Vymazáno : user_pref("sweetim.toolbar.search.history.capacity", "10");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "false");
Vymazáno : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Vymazáno : user_pref("sweetim.toolbar.simapp_id", "{E43CB882-3651-11E2-BBA4-00270E06ED8A}");
Vymazáno : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?st=17&barid={E43CB882-3651-11E2[...]
Vymazáno : user_pref("sweetim.toolbar.version", "1.9.0.0");

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.3499] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?st=17&barid={E43CB882-3651-11E2-BBA4[...]

-\\ Opera v12.11.1661.0

Soubor : C:\Users\Lukáš\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[S1].txt - [28792 octets] - [22/05/2013 20:36:54]

########## EOF - C:\AdwCleaner[S1].txt - [28853 octets] ##########

Corleon85 · #9 Příspěvek od **Corleon85** » 22 kvě 2013 19:50

A bod 5

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Luk ç on st 22.05.2013 at 20:45:56,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak

~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Luk ç\AppData\Roaming\systweak"
Failed to delete: [Folder] "C:\Program Files (x86)\clickpotatolite"
Failed to delete: [Folder] "C:\Program Files (x86)\conduit"
Failed to delete: [Folder] "C:\Program Files (x86)\daemon tools toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\otshot"
Failed to delete: [Folder] "C:\Program Files (x86)\shopperreports3"

~~~ FireFox

Emptied folder: C:\Users\Luk ç\AppData\Roaming\mozilla\firefox\profiles\8usojcdb.default\minidumps [35 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 22.05.2013 at 20:48:58,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#10 Příspěvek od **stell** » 22 kvě 2013 19:54

bod 3

RogueKiller
Spust este raz ako admin/spravca,das Prohledat>>ked ukonci, klikni na ZMAZAT>DELETE, a este raz klikni na OPRAVA HOST, log vloz sem.

Cez pridat/odobrat programy odinstaluj program Spybot.

Spust ako admin combofix a log vloz sem
http://www.bleepingcomputer.com/combofi ... t-combofix

Corleon85 · #11 Příspěvek od **Corleon85** » 22 kvě 2013 20:10

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Lukáš [Práva správce]
Mód : Odebrat -- Datum : 05/22/2013 21:04:25
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADS-00P8B0 ATA Device +++++
--- User ---
[MBR] 3c3cbc3d67ddcb73d514f69d6e1e8620
[BSP] f902dfc7c3afafef1a1cb0f6758e0eac : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 539 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1105920 | Size: 953328 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_D_05222013_02d2104.txt >>
RKreport[1]_S_05222013_02d2103.txt ; RKreport[2]_D_05222013_02d2104.txt

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Lukáš [Práva správce]
Mód : Oprava HOSTS -- Datum : 05/22/2013 21:05:15
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_05222013_02d2105.txt >>
RKreport[1]_S_05222013_02d2103.txt ; RKreport[2]_D_05222013_02d2104.txt ; RKreport[3]_H_05222013_02d2105.txt ; RKreport[4]_H_05222013_02d2105.txt

Takto?
Jo a ten Spy Bot nejde odinstalovat píše mi to Error 5: Přístup byl odepřen

#12 Příspěvek od **stell** » 22 kvě 2013 20:14

Error 5=znamena ze Nemas admin prava to odinstalovat,no nic spust combofix, ja to pozabijam, a uvidime.

Corleon85 · #13 Příspěvek od **Corleon85** » 22 kvě 2013 21:27

ComboFix 13-05-22.01 - Lukáš 22.05.2013 22:03:56.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4086.2454 [GMT 2:00]
Spuštěný z: c:\users\LukßÜ\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
C:\install.exe
c:\program files (x86)\ClickPotatoLite
c:\program files (x86)\ClickPotatoLite\bin\10.0.728.0\copyright.txt
c:\program files (x86)\ClickPotatoLite\bin\10.0.728.0\firefox\extensions\install.rdf
c:\program files (x86)\ShopperReports3
c:\program files (x86)\ShopperReports3\bin\3.2.7.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.dll
c:\program files (x86)\ShopperReports3\bin\3.2.7.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.xpt
c:\program files (x86)\ShopperReports3\bin\3.2.7.0\firefox\firefoxtoolbar\extensions\chrome.manifest
c:\program files (x86)\ShopperReports3\bin\3.2.7.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js
c:\program files (x86)\ShopperReports3\bin\3.2.7.0\firefox\firefoxtoolbar\extensions\chrome\content\InfoPane.xul
c:\program files (x86)\ShopperReports3\bin\3.2.7.0\firefox\firefoxtoolbar\extensions\install.rdf
c:\program files (x86)\ShopperReports3\bin\3.2.7.0\link.ico
c:\programdata\1357217005.bdinstall.bin
c:\programdata\1357217575.bdinstall.bin
c:\programdata\1357226088.bdinstall.bin
c:\programdata\1357226090.bdinstall.bin
c:\programdata\1357226225.bdinstall.bin
c:\programdata\1360417443.bdinstall.bin
c:\programdata\1360417533.bdinstall.bin
c:\programdata\1360417734.bdinstall.bin
c:\programdata\1367605502.bdinstall.bin
c:\windows\IsUn0407.exe
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-22 do 2013-05-22 )))))))))))))))))))))))))))))))
.
.
2013-05-22 20:11 . 2013-05-22 20:11 -------- d-----w- c:\users\Lukáš.Lukáš-PC\AppData\Local\temp
2013-05-22 20:11 . 2013-05-22 20:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-22 18:45 . 2013-05-22 18:45 -------- d-----w- c:\windows\ERUNT
2013-05-22 18:45 . 2013-05-22 18:45 -------- d-----w- C:\JRT
2013-05-22 18:37 . 2013-05-22 18:37 417 ----a-w- c:\windows\DeleteOnReboot.bat
2013-05-22 18:08 . 2013-05-22 18:08 -------- d-----w- C:\_OTL
2013-05-22 16:07 . 2013-05-22 17:05 -------- d-----w- c:\program files\trend micro
2013-05-22 16:07 . 2013-05-22 16:07 -------- d-----w- C:\rsit
2013-05-21 12:22 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{105EEB1B-DA83-4736-9177-576360BE7E96}\mpengine.dll
2013-05-18 09:22 . 2013-05-18 09:22 -------- d-----w- c:\users\Lukáš\AppData\Local\ElevatedDiagnostics
2013-05-15 21:03 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-15 21:03 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 21:03 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-15 18:07 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 18:07 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 18:07 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-15 18:06 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-15 18:06 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-15 18:06 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-15 18:06 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-15 18:06 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-15 18:06 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-15 18:06 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 18:06 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 18:06 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-05 14:03 . 2013-05-05 14:03 -------- d-----w- c:\program files (x86)\VS Revo Group
2013-05-04 12:11 . 2013-05-04 12:39 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Bioshock
2013-05-04 12:04 . 2013-05-04 12:04 -------- d-----w- c:\program files (x86)\BioShock
2013-05-03 18:34 . 2013-05-03 18:34 -------- d-----w- c:\users\Lukáš\AppData\Local\ESET
2013-05-03 18:18 . 2013-05-03 18:18 -------- d-----w- c:\program files (x86)\x86
2013-05-03 18:18 . 2013-05-03 18:18 -------- d-----w- c:\program files (x86)\Drivers
2013-05-03 18:18 . 2013-05-03 18:18 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-05-03 18:18 . 2013-05-03 18:18 -------- d-----w- c:\program files (x86)\License
2013-05-03 17:48 . 2013-05-03 17:57 -------- d-----w- c:\program files (x86)\Age of Empires II HD
2013-04-24 12:17 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-23 14:04 . 2013-04-23 14:04 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 21:04 . 2009-11-16 14:40 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-15 18:01 . 2012-04-02 12:07 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 18:01 . 2011-05-17 10:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-04 10:28 . 2010-10-28 11:35 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-05-04 10:28 . 2009-12-24 23:11 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-05-04 10:27 . 2009-12-24 23:11 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-05-02 00:06 . 2009-11-16 14:40 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 10:44 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 05:49 . 2013-05-15 18:07 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 18:07 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 18:07 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 18:07 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 18:07 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 18:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-03 14:14 . 2013-04-03 14:14 20200 ----a-w- c:\program files (x86)\ekrnUpdateLang.dll
2013-04-03 14:14 . 2013-04-03 14:14 97472 ----a-w- c:\program files (x86)\eguiUpdateLang.dll
2013-04-03 14:14 . 2013-04-03 14:14 51128 ----a-w- c:\program files (x86)\SysRescueLang.dll
2013-04-03 14:14 . 2013-04-03 14:14 61952 ----a-w- c:\program files (x86)\SysInspectorLang.dll
2013-04-03 14:14 . 2013-04-03 14:14 27424 ----a-w- c:\program files (x86)\ShellExtLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 10936 ----a-w- c:\program files (x86)\eplgTbLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 10936 ----a-w- c:\program files (x86)\eplgOutlookLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 10936 ----a-w- c:\program files (x86)\eplgOELang.dll
2013-04-03 14:13 . 2013-04-03 14:13 10424 ----a-w- c:\program files (x86)\ekrnMailPluginsLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 10424 ----a-w- c:\program files (x86)\eguiMailPluginsLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 9912 ----a-w- c:\program files (x86)\ekrnHipsLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 22280 ----a-w- c:\program files (x86)\eguiHipsLang.dll
2013-04-03 14:12 . 2013-04-03 14:12 9400 ----a-w- c:\program files (x86)\ekrnScanLang.dll
2013-04-03 14:12 . 2013-04-03 14:12 36176 ----a-w- c:\program files (x86)\eguiScanLang.dll
2013-04-03 14:12 . 2013-04-03 14:12 16616 ----a-w- c:\program files (x86)\ekrnEpfwLang.dll
2013-04-03 14:12 . 2013-04-03 14:12 187088 ----a-w- c:\program files (x86)\eguiEpfwLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 39280 ----a-w- c:\program files (x86)\ekrnLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 165976 ----a-w- c:\program files (x86)\eguiLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 9912 ----a-w- c:\program files (x86)\eplgOutlookEmonLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 10424 ----a-w- c:\program files (x86)\eguiEmonLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 9912 ----a-w- c:\program files (x86)\eguiDmonLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 9400 ----a-w- c:\program files (x86)\ekrnDmonLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 18664 ----a-w- c:\program files (x86)\eclsLang.dll
2013-04-03 14:10 . 2013-04-03 14:10 25376 ----a-w- c:\program files (x86)\eguiAmonLang.dll
2013-03-21 13:20 . 2013-03-21 13:20 486872 ----a-w- c:\program files (x86)\updater.dll
2013-03-21 13:20 . 2013-03-21 13:20 1010624 ----a-w- c:\program files (x86)\eguiUpdate.dll
2013-03-21 13:20 . 2013-03-21 13:20 1508096 ----a-w- c:\program files (x86)\SysRescue.exe
2013-03-21 13:20 . 2013-03-21 13:20 123776 ----a-w- c:\program files (x86)\ToastNotify.dll
2013-03-21 13:20 . 2013-03-21 13:20 1728016 ----a-w- c:\program files (x86)\SysInspector.exe
2013-03-21 13:20 . 2013-03-21 13:20 202568 ----a-w- c:\program files (x86)\shellExt.dll
2013-03-21 13:20 . 2013-03-21 13:20 408568 ----a-w- c:\program files (x86)\eplgOE.dll
2013-03-21 13:20 . 2013-03-21 13:20 385872 ----a-w- c:\program files (x86)\eplgOutlook.dll
2013-03-21 13:20 . 2013-03-21 13:20 12008 ----a-w- c:\program files (x86)\eplgHooks.dll
2013-03-21 13:20 . 2013-03-21 13:20 111416 ----a-w- c:\program files (x86)\eguiMailPlugins.dll
2013-03-21 13:20 . 2013-03-21 13:20 254080 ----a-w- c:\program files (x86)\eguiHips.dll
2013-03-21 13:20 . 2013-03-21 13:20 691288 ----a-w- c:\program files (x86)\eguiScan.dll
2013-03-21 13:20 . 2013-03-21 13:20 1653320 ----a-w- c:\program files (x86)\eguiEpfw.dll
2013-03-21 13:19 . 2013-03-21 13:19 6330568 ----a-w- c:\program files (x86)\egui.exe
2013-03-21 13:19 . 2013-03-21 13:19 28528 ----a-w- c:\program files (x86)\eh64.exe
2013-03-21 13:19 . 2013-03-21 13:19 2066784 ----a-w- c:\program files (x86)\eguiProductRcd.dll
2013-03-21 13:19 . 2013-03-21 13:19 245304 ----a-w- c:\program files (x86)\eplgOutlookEmon.dll
2013-03-21 13:19 . 2013-03-21 13:19 2198624 ----a-w- c:\program files (x86)\eguiProduct.dll
2013-03-21 13:19 . 2013-03-21 13:19 259736 ----a-w- c:\program files (x86)\eplgOEEmon.dll
2013-03-21 13:19 . 2013-03-21 13:19 123752 ----a-w- c:\program files (x86)\eguiEmon.dll
2013-03-21 13:19 . 2013-03-21 13:19 46032 ----a-w- c:\program files (x86)\eeclnt.exe
2013-03-21 13:19 . 2013-03-21 13:19 119144 ----a-w- c:\program files (x86)\eguiDmon.dll
2013-03-21 13:19 . 2013-03-21 13:19 171144 ----a-w- c:\program files (x86)\DMON.dll
2013-03-21 13:19 . 2013-03-21 13:19 51664 ----a-w- c:\program files (x86)\ecmd.exe
2013-03-21 13:19 . 2013-03-21 13:19 299304 ----a-w- c:\program files (x86)\ecls.exe
2013-03-21 13:19 . 2013-03-21 13:19 355008 ----a-w- c:\program files (x86)\eguiAmon.dll
2013-03-21 13:19 . 2013-03-21 13:19 72800 ----a-w- c:\program files (x86)\callmsi.exe
2013-03-19 06:04 . 2013-04-10 12:02 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 12:02 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 12:02 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 12:02 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 12:02 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 12:02 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-15 05:53 . 2013-03-28 13:25 7573816 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-15 05:53 . 2013-03-28 13:25 26956576 ----a-w- c:\windows\system32\nvoglv64.dll
2013-03-15 05:53 . 2013-03-28 13:25 20542752 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-03-15 05:53 . 2013-03-28 13:25 13088000 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-03-15 05:53 . 2013-03-28 13:25 11048736 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-03-15 05:53 . 2013-03-28 13:25 9414456 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-15 05:53 . 2013-03-28 13:25 2913056 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-15 05:53 . 2013-03-28 13:25 2728736 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-03-15 05:53 . 2013-03-28 13:25 2355488 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-15 05:53 . 2013-03-28 13:25 1995552 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-03-15 05:53 . 2013-03-28 13:25 1807136 ----a-w- c:\windows\system32\nvdispco6431422.dll
2013-03-15 05:53 . 2013-03-28 13:25 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-03-15 05:53 . 2013-03-28 13:25 1510176 ----a-w- c:\windows\system32\nvdispgenco6431422.dll
2013-03-15 05:53 . 2013-03-28 13:25 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-15 05:53 . 2013-03-28 13:25 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-03-15 05:53 . 2012-10-10 20:23 6271872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-03-15 05:53 . 2012-10-10 20:23 7959000 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-03-15 05:53 . 2012-10-10 20:22 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-05-23 14:28 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 05:53 . 2011-01-08 22:07 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2009-07-13 21:59 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 04:16 . 2010-10-16 12:13 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2010-10-16 12:13 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2010-10-16 12:13 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-15 04:16 . 2010-10-16 12:13 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2010-10-16 12:13 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-08 16:26 . 2013-03-08 16:26 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-08 16:26 . 2012-07-31 17:17 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-08 16:26 . 2011-07-01 13:06 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-10 15:45 164352 --sh--w- c:\windows\SysWOW64\SC.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"2kadiras"="2kadiras.exe" [2003-08-20 32768]
"adiras"="2kadiras.exe" [2003-08-20 32768]
"Razer Imperator Driver"="c:\program files (x86)\razer\imperator\razerimperatorsystray.exe" [2011-06-03 979360]
"Arctosa"="c:\program files (x86)\razer\arctosa\razerhid.exe" [2008-10-06 147456]
"SwitchBoard"="c:\program files (x86)\common files\adobe\switchboard\switchboard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"DT PLP"=c:\program files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -PLP
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"wcmdmgr"=c:\windows\wt\updater\wcmdmgrl.exe -launch
"WT GameChannel"=c:\program files (x86)\WildTangent\Apps\GameChannel.exe
"LogitechCommunicationsManager"=c:\program files (x86)\common files\logishrd\lcommgr\communications_helper.exe
"LogitechQuickCamRibbon"="c:\program files (x86)\labtec\webcam10\webcam10.exe" /hide
"PivotSoftware"=c:\program files (x86)\portrait displays\pivot software\wpctrl.exe
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [2006-07-05 77688]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 EagleX64;EagleX64; [x]
R3 EfiVariable;Efi Variable Service;c:\windows\SysWOW64\Drivers\variable64.sys [2010-10-28 18200]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-07-07 14448]
R3 LVcKap64;Logitech AEC Driver;c:\windows\system32\DRIVERS\LVcKap64.sys [2007-03-06 1029024]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-03-06 58400]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-10-25 19456]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
R3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\DRIVERS\s3017bus.sys [2007-12-10 109096]
R3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 19496]
R3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 146984]
R3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 130600]
R3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 34344]
R3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s3017obex.sys [2007-12-10 125480]
R3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\DRIVERS\s3017unic.sys [2007-12-10 144936]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-10-25 57856]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0; [x]
R3 X6va005;X6va005; [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [2012-05-08 17192]
R4 IObitUnlocker;IObitUnlocker;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 35256]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-19 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2013-02-14 213416]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2013-01-10 150616]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
S2 ekrn;ESET Service;c:\program files (x86)\x86\ekrn.exe [2013-03-21 1341664]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2013-01-10 139768]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-11-09 189608]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-12-17 109168]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2011-08-09 741224]
S2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2010-08-09 49152]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2012-02-02 509104]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 34032]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 18:02]
.
2013-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-24 14:56]
.
2013-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-24 14:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-27 12459112]
"egui"="c:\program files (x86)\egui.exe" [2013-03-21 6330568]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file)
ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file)
ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file)
AddRemove-Moorhuhn 2 V1.1 - c:\windows\IsUn0407.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-861332635-3556599228-1674643736-1002\Software\SecuROM\License information*]
"datasecu"=hex:de,f9,cc,cc,a8,7b,16,94,7d,d3,5b,e9,bf,6e,1e,a9,5b,f0,97,87,6c,
5e,0b,81,25,36,82,44,8e,7d,4b,eb,8f,62,ed,f8,91,02,ba,f6,81,51,8a,c3,73,8b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2013-05-22 22:19:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-22 20:19
.
Před spuštěním: Volných bajtů: 207 409 029 120
Po spuštění: Volných bajtů: 206 834 880 512
.
- - End Of File - - 7B2C0445B23EC0A0996BEBE0010F37E8

#14 Příspěvek od **stell** » 23 kvě 2013 06:40

Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do nehocelý tex:

Kód: Vybrat vše

KILLALL::
SecCenter::
{A751AC20-3B48-5237-898A-78C4436BB78D}
{9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
File::
c:\windows\DeleteOnReboot.bat
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spybot-S&D Cleaning"=-
Folder::
c:\program files (x86)\Spybot - Search & Destroy 2
c:\program files (x86)\IObit
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SDTray"=-
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"AdobeCS5ServiceManager"=-
"DT PLP"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"PivotSoftware"=-
Driver::
IObitUnlocker
cpuz135
IMFservice
SDScannerService
SDUpdateService
SDWSCService
DDS::
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
RegLock:: 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
ClearJavaCache::

Potom klik na Subor -> Uložiť ako.. .-> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *]všetky súbory
A ulož ho na plochu> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :

Po skonceni skenu vlož log

Corleon85 · #15 Příspěvek od **Corleon85** » 23 kvě 2013 13:58

Takže takto

ComboFix 13-05-22.01 - Lukáš 23.05.2013 14:43:08.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4086.2826 [GMT 2:00]
Spuštěný z: c:\users\LukßÜ\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\LukßÜ\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
/wow section - STAGE 4
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-23 do 2013-05-23 )))))))))))))))))))))))))))))))
.
.
2013-05-23 12:52 . 2013-05-23 12:52 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-05-23 12:52 . 2013-05-23 12:52 -------- d-----w- c:\users\Lukáš.Lukáš-PC\AppData\Local\temp
2013-05-23 12:52 . 2013-05-23 12:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-22 18:45 . 2013-05-22 18:45 -------- d-----w- c:\windows\ERUNT
2013-05-22 18:45 . 2013-05-22 18:45 -------- d-----w- C:\JRT
2013-05-22 18:37 . 2013-05-22 18:37 417 ----a-w- c:\windows\DeleteOnReboot.bat
2013-05-22 18:08 . 2013-05-22 18:08 -------- d-----w- C:\_OTL
2013-05-22 16:07 . 2013-05-22 17:05 -------- d-----w- c:\program files\trend micro
2013-05-22 16:07 . 2013-05-22 16:07 -------- d-----w- C:\rsit
2013-05-21 12:22 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{105EEB1B-DA83-4736-9177-576360BE7E96}\mpengine.dll
2013-05-18 09:22 . 2013-05-18 09:22 -------- d-----w- c:\users\Lukáš\AppData\Local\ElevatedDiagnostics
2013-05-15 21:03 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-15 21:03 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 21:03 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-15 18:07 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 18:07 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 18:07 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-15 18:06 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-15 18:06 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-15 18:06 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-15 18:06 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-15 18:06 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-15 18:06 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-15 18:06 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 18:06 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 18:06 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-05 14:03 . 2013-05-05 14:03 -------- d-----w- c:\program files (x86)\VS Revo Group
2013-05-04 12:11 . 2013-05-04 12:39 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Bioshock
2013-05-04 12:04 . 2013-05-04 12:04 -------- d-----w- c:\program files (x86)\BioShock
2013-05-03 18:34 . 2013-05-03 18:34 -------- d-----w- c:\users\Lukáš\AppData\Local\ESET
2013-05-03 18:18 . 2013-05-03 18:18 -------- d-----w- c:\program files (x86)\x86
2013-05-03 18:18 . 2013-05-03 18:18 -------- d-----w- c:\program files (x86)\Drivers
2013-05-03 18:18 . 2013-05-03 18:18 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-05-03 18:18 . 2013-05-03 18:18 -------- d-----w- c:\program files (x86)\License
2013-05-03 17:48 . 2013-05-03 17:57 -------- d-----w- c:\program files (x86)\Age of Empires II HD
2013-04-24 12:17 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-23 14:04 . 2013-04-23 14:04 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 21:04 . 2009-11-16 14:40 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-15 18:01 . 2012-04-02 12:07 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 18:01 . 2011-05-17 10:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-04 10:28 . 2010-10-28 11:35 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-05-04 10:28 . 2009-12-24 23:11 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-05-04 10:27 . 2009-12-24 23:11 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-05-02 00:06 . 2009-11-16 14:40 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 10:44 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 05:49 . 2013-05-15 18:07 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 18:07 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 18:07 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 18:07 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 18:07 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 18:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-03 14:14 . 2013-04-03 14:14 20200 ----a-w- c:\program files (x86)\ekrnUpdateLang.dll
2013-04-03 14:14 . 2013-04-03 14:14 97472 ----a-w- c:\program files (x86)\eguiUpdateLang.dll
2013-04-03 14:14 . 2013-04-03 14:14 51128 ----a-w- c:\program files (x86)\SysRescueLang.dll
2013-04-03 14:14 . 2013-04-03 14:14 61952 ----a-w- c:\program files (x86)\SysInspectorLang.dll
2013-04-03 14:14 . 2013-04-03 14:14 27424 ----a-w- c:\program files (x86)\ShellExtLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 10936 ----a-w- c:\program files (x86)\eplgTbLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 10936 ----a-w- c:\program files (x86)\eplgOutlookLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 10936 ----a-w- c:\program files (x86)\eplgOELang.dll
2013-04-03 14:13 . 2013-04-03 14:13 10424 ----a-w- c:\program files (x86)\ekrnMailPluginsLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 10424 ----a-w- c:\program files (x86)\eguiMailPluginsLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 9912 ----a-w- c:\program files (x86)\ekrnHipsLang.dll
2013-04-03 14:13 . 2013-04-03 14:13 22280 ----a-w- c:\program files (x86)\eguiHipsLang.dll
2013-04-03 14:12 . 2013-04-03 14:12 9400 ----a-w- c:\program files (x86)\ekrnScanLang.dll
2013-04-03 14:12 . 2013-04-03 14:12 36176 ----a-w- c:\program files (x86)\eguiScanLang.dll
2013-04-03 14:12 . 2013-04-03 14:12 16616 ----a-w- c:\program files (x86)\ekrnEpfwLang.dll
2013-04-03 14:12 . 2013-04-03 14:12 187088 ----a-w- c:\program files (x86)\eguiEpfwLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 39280 ----a-w- c:\program files (x86)\ekrnLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 165976 ----a-w- c:\program files (x86)\eguiLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 9912 ----a-w- c:\program files (x86)\eplgOutlookEmonLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 10424 ----a-w- c:\program files (x86)\eguiEmonLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 9912 ----a-w- c:\program files (x86)\eguiDmonLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 9400 ----a-w- c:\program files (x86)\ekrnDmonLang.dll
2013-04-03 14:11 . 2013-04-03 14:11 18664 ----a-w- c:\program files (x86)\eclsLang.dll
2013-04-03 14:10 . 2013-04-03 14:10 25376 ----a-w- c:\program files (x86)\eguiAmonLang.dll
2013-03-21 13:20 . 2013-03-21 13:20 486872 ----a-w- c:\program files (x86)\updater.dll
2013-03-21 13:20 . 2013-03-21 13:20 1010624 ----a-w- c:\program files (x86)\eguiUpdate.dll
2013-03-21 13:20 . 2013-03-21 13:20 1508096 ----a-w- c:\program files (x86)\SysRescue.exe
2013-03-21 13:20 . 2013-03-21 13:20 123776 ----a-w- c:\program files (x86)\ToastNotify.dll
2013-03-21 13:20 . 2013-03-21 13:20 1728016 ----a-w- c:\program files (x86)\SysInspector.exe
2013-03-21 13:20 . 2013-03-21 13:20 202568 ----a-w- c:\program files (x86)\shellExt.dll
2013-03-21 13:20 . 2013-03-21 13:20 408568 ----a-w- c:\program files (x86)\eplgOE.dll
2013-03-21 13:20 . 2013-03-21 13:20 385872 ----a-w- c:\program files (x86)\eplgOutlook.dll
2013-03-21 13:20 . 2013-03-21 13:20 12008 ----a-w- c:\program files (x86)\eplgHooks.dll
2013-03-21 13:20 . 2013-03-21 13:20 111416 ----a-w- c:\program files (x86)\eguiMailPlugins.dll
2013-03-21 13:20 . 2013-03-21 13:20 254080 ----a-w- c:\program files (x86)\eguiHips.dll
2013-03-21 13:20 . 2013-03-21 13:20 691288 ----a-w- c:\program files (x86)\eguiScan.dll
2013-03-21 13:20 . 2013-03-21 13:20 1653320 ----a-w- c:\program files (x86)\eguiEpfw.dll
2013-03-21 13:19 . 2013-03-21 13:19 6330568 ----a-w- c:\program files (x86)\egui.exe
2013-03-21 13:19 . 2013-03-21 13:19 28528 ----a-w- c:\program files (x86)\eh64.exe
2013-03-21 13:19 . 2013-03-21 13:19 2066784 ----a-w- c:\program files (x86)\eguiProductRcd.dll
2013-03-21 13:19 . 2013-03-21 13:19 245304 ----a-w- c:\program files (x86)\eplgOutlookEmon.dll
2013-03-21 13:19 . 2013-03-21 13:19 2198624 ----a-w- c:\program files (x86)\eguiProduct.dll
2013-03-21 13:19 . 2013-03-21 13:19 259736 ----a-w- c:\program files (x86)\eplgOEEmon.dll
2013-03-21 13:19 . 2013-03-21 13:19 123752 ----a-w- c:\program files (x86)\eguiEmon.dll
2013-03-21 13:19 . 2013-03-21 13:19 46032 ----a-w- c:\program files (x86)\eeclnt.exe
2013-03-21 13:19 . 2013-03-21 13:19 119144 ----a-w- c:\program files (x86)\eguiDmon.dll
2013-03-21 13:19 . 2013-03-21 13:19 171144 ----a-w- c:\program files (x86)\DMON.dll
2013-03-21 13:19 . 2013-03-21 13:19 51664 ----a-w- c:\program files (x86)\ecmd.exe
2013-03-21 13:19 . 2013-03-21 13:19 299304 ----a-w- c:\program files (x86)\ecls.exe
2013-03-21 13:19 . 2013-03-21 13:19 355008 ----a-w- c:\program files (x86)\eguiAmon.dll
2013-03-21 13:19 . 2013-03-21 13:19 72800 ----a-w- c:\program files (x86)\callmsi.exe
2013-03-19 06:04 . 2013-04-10 12:02 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 12:02 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 12:02 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 12:02 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 12:02 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 12:02 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-15 05:53 . 2013-03-28 13:25 7573816 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-15 05:53 . 2013-03-28 13:25 26956576 ----a-w- c:\windows\system32\nvoglv64.dll
2013-03-15 05:53 . 2013-03-28 13:25 20542752 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-03-15 05:53 . 2013-03-28 13:25 13088000 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-03-15 05:53 . 2013-03-28 13:25 11048736 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-03-15 05:53 . 2013-03-28 13:25 9414456 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-15 05:53 . 2013-03-28 13:25 2913056 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-15 05:53 . 2013-03-28 13:25 2728736 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-03-15 05:53 . 2013-03-28 13:25 2355488 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-15 05:53 . 2013-03-28 13:25 1995552 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-03-15 05:53 . 2013-03-28 13:25 1807136 ----a-w- c:\windows\system32\nvdispco6431422.dll
2013-03-15 05:53 . 2013-03-28 13:25 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-03-15 05:53 . 2013-03-28 13:25 1510176 ----a-w- c:\windows\system32\nvdispgenco6431422.dll
2013-03-15 05:53 . 2013-03-28 13:25 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-15 05:53 . 2013-03-28 13:25 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-03-15 05:53 . 2012-10-10 20:23 6271872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-03-15 05:53 . 2012-10-10 20:23 7959000 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-03-15 05:53 . 2012-10-10 20:22 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-05-23 14:28 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 05:53 . 2011-01-08 22:07 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2009-07-13 21:59 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 04:16 . 2010-10-16 12:13 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2010-10-16 12:13 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2010-10-16 12:13 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-15 04:16 . 2010-10-16 12:13 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2010-10-16 12:13 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-08 16:26 . 2013-03-08 16:26 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-08 16:26 . 2012-07-31 17:17 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-08 16:26 . 2011-07-01 13:06 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-10 15:45 164352 --sh--w- c:\windows\SysWOW64\SC.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"2kadiras"="2kadiras.exe" [2003-08-20 32768]
"adiras"="2kadiras.exe" [2003-08-20 32768]
"Razer Imperator Driver"="c:\program files (x86)\razer\imperator\razerimperatorsystray.exe" [2011-06-03 979360]
"Arctosa"="c:\program files (x86)\razer\arctosa\razerhid.exe" [2008-10-06 147456]
"SwitchBoard"="c:\program files (x86)\common files\adobe\switchboard\switchboard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"DT PLP"=c:\program files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -PLP
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"wcmdmgr"=c:\windows\wt\updater\wcmdmgrl.exe -launch
"WT GameChannel"=c:\program files (x86)\WildTangent\Apps\GameChannel.exe
"LogitechCommunicationsManager"=c:\program files (x86)\common files\logishrd\lcommgr\communications_helper.exe
"LogitechQuickCamRibbon"="c:\program files (x86)\labtec\webcam10\webcam10.exe" /hide
"PivotSoftware"=c:\program files (x86)\portrait displays\pivot software\wpctrl.exe
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [2006-07-05 77688]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 EagleX64;EagleX64; [x]
R3 EfiVariable;Efi Variable Service;c:\windows\SysWOW64\Drivers\variable64.sys [2010-10-28 18200]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-07-07 14448]
R3 LVcKap64;Logitech AEC Driver;c:\windows\system32\DRIVERS\LVcKap64.sys [2007-03-06 1029024]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-03-06 58400]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-10-25 19456]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
R3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\DRIVERS\s3017bus.sys [2007-12-10 109096]
R3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 19496]
R3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 146984]
R3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 130600]
R3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 34344]
R3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s3017obex.sys [2007-12-10 125480]
R3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\DRIVERS\s3017unic.sys [2007-12-10 144936]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-10-25 57856]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0; [x]
R3 X6va005;X6va005; [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [2012-05-08 17192]
R4 IObitUnlocker;IObitUnlocker;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 35256]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-19 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2013-02-14 213416]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2013-01-10 150616]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
S2 ekrn;ESET Service;c:\program files (x86)\x86\ekrn.exe [2013-03-21 1341664]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2013-01-10 139768]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-11-09 189608]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-12-17 109168]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2011-08-09 741224]
S2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2010-08-09 49152]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2012-02-02 509104]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 34032]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 18:02]
.
2013-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-24 14:56]
.
2013-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-24 14:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-27 12459112]
"egui"="c:\program files (x86)\egui.exe" [2013-03-21 6330568]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\8usojcdb.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file)
ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file)
ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file)
AddRemove-Moorhuhn 2 V1.1 - c:\windows\IsUn0407.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-861332635-3556599228-1674643736-1002\Software\SecuROM\License information*]
"datasecu"=hex:de,f9,cc,cc,a8,7b,16,94,7d,d3,5b,e9,bf,6e,1e,a9,5b,f0,97,87,6c,
5e,0b,81,25,36,82,44,8e,7d,4b,eb,8f,62,ed,f8,91,02,ba,f6,81,51,8a,c3,73,8b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-05-23 14:54:45
ComboFix-quarantined-files.txt 2013-05-23 12:54
ComboFix2.txt 2013-05-22 20:19
.
Před spuštěním: Volných bajtů: 209 027 813 376
Po spuštění: Volných bajtů: 208 328 134 656
.
- - End Of File - - 5B2CF233404EE747BD1366E39ECDD7A8

VIRY.CZ

Problém oprávnění

Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění

Re: Problém oprávnění