Here it is
ComboFix 11-08-30.01 - Administrator 30.08.2011 15:19:27.1.4 - x64
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1250.420.1029.18.8190.5908 [GMT 2:00]
Spuštěný z: D:\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Pivot Stickfigure Toolbar\tbHElper.dll
c:\programdata\b7c20c
c:\programdata\b7c20c\461.mof
c:\programdata\b7c20c\BackUp\AutoClicker.lnk
c:\programdata\b7c20c\BackUp\hamachi.lnk
c:\programdata\b7c20c\SSS.ico
c:\programdata\b7c20c\trz21D4.tmp
c:\programdata\b7c20c\trz4528.tmp
c:\programdata\b7c20c\trz6A09.tmp
c:\programdata\b7c20c\trz6F5E.tmp
c:\programdata\b7c20c\trz7BF2.tmp
c:\programdata\b7c20c\trzA521.tmp
c:\programdata\b7c20c\trzAD9D.tmp
c:\programdata\b7c20c\trzB48F.tmp
c:\programdata\b7c20c\trzB527.tmp
c:\programdata\b7c20c\trzC8DB.tmp
c:\programdata\b7c20c\trzD0B9.tmp
c:\programdata\b7c20c\trzDEF8.tmp
c:\programdata\b7c20c\trzE18A.tmp
c:\programdata\b7c20c\trzE354.tmp
c:\programdata\b7c20c\trzECE8.tmp
c:\programdata\b7c20c\trzF92C.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\System Smart Security.lnk
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.dll
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.sys
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\cid.dll
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\cid.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\CLSV.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\DBOLE.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\ddv.dll
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\ddv.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\delfile.sys
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\dudl.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\eb.exe
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\energy.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\energy.sys
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\exec.dll
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\exec.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\fan.dll
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\fan.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\fix.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\fix.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\FS.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\FS.sys
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\FW.exe
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\hymt.dll
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\kernel32.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\kernel32.exe
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\kernel32.sys
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\pal.exe
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\pal.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\PE.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\PE.exe
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\PE.sys
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\PE.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\runddl.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\runddl.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.dll
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\SICKBOY.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\sld.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\sld.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\snl2w.sys
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\std.sys
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\tjd.drv
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\tjd.exe
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\tjd.sys
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\tjd.tmp
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Smart Security.lnk
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\System Smart Security.lnk
c:\users\Administrator\AppData\Roaming\System Smart Security
c:\users\Administrator\AppData\Roaming\System Smart Security\cookies.sqlite
c:\users\Administrator\AppData\Roaming\System Smart Security\Instructions.ini
c:\windows\directx.sys
c:\windows\svchost.com
c:\windows\system32\drivers\etc\host_new
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-28 do 2011-08-30 )))))))))))))))))))))))))))))))
.
.
2011-08-30 13:24 . 2011-08-30 13:24 -------- d-----w- c:\users\DZ\AppData\Local\temp
2011-08-30 13:24 . 2011-08-30 13:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-30 12:40 . 2011-08-30 12:40 -------- d-----w- C:\rsit
2011-08-30 12:40 . 2011-08-30 12:40 -------- d-----w- c:\program files\trend micro
2011-08-30 08:04 . 2011-08-30 08:04 -------- d-----w- c:\windows\Microsoft_app
2011-08-28 22:36 . 2011-08-28 23:00 -------- d-----w- C:\FR
2011-08-28 10:06 . 2011-08-28 10:11 -------- d-----w- C:\Nová složka (2)
2011-08-28 09:48 . 2011-08-28 10:06 -------- d-----w- C:\Nová složka
2011-08-28 09:43 . 2009-07-04 16:39 -------- d-----w- C:\tutorial
2011-08-28 09:39 . 2011-08-29 18:52 534528 ----a-w- C:\m2.exe
2011-08-28 09:39 . 2011-08-29 18:52 661865 ----a-w- C:\Extraction Helper .exe
2011-08-28 09:39 . 2011-08-29 18:52 214016 ----a-w- C:\Archiver Helper.exe
2011-08-28 09:39 . 2010-07-14 12:20 -------- d-----r- C:\system
2011-08-28 09:29 . 2011-08-28 09:30 -------- d-----w- C:\extract
2011-08-28 09:27 . 2011-08-28 09:29 -------- d-----w- C:\Source
2011-08-28 09:25 . 2010-04-12 17:01 551473 ----a-w-4 epvp.exe C:\EASYFI~1.EXE
2011-08-27 14:54 . 2011-08-29 18:52 874744 ----a-w- c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2011-08-27 14:54 . 2011-08-29 18:52 430040 ----a-w- c:\program files (x86)\Mozilla Firefox\updater.exe
2011-08-27 14:54 . 2011-08-29 18:52 282584 ----a-w- c:\program files (x86)\Mozilla Firefox\crashreporter.exe
2011-08-27 14:54 . 2011-08-12 06:10 134104 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-08-27 10:33 . 2011-08-27 10:33 -------- d-----w- c:\programdata\DynDNS
2011-08-26 07:53 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8B91D79F-96E2-495D-825A-11570A0492A5}\mpengine.dll
2011-08-24 10:13 . 2011-08-24 10:13 -------- d-----w- c:\users\Administrator\AppData\Roaming\SynthMaker
2011-08-24 09:50 . 2011-08-24 09:50 -------- d-----w- c:\users\Administrator\AppData\Roaming\.minecraft
2011-08-24 09:23 . 2011-07-11 13:45 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-24 09:23 . 2011-07-11 13:25 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-08-23 23:31 . 2011-08-29 18:53 276848 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{C9A5048A-26A6-440B-A059-9DF9956C4D44}\ARPPRODUCTICON.exe
2011-08-23 23:31 . 2011-08-23 23:31 -------- d-----w- c:\program files\Yamaha
2011-08-23 23:27 . 2011-08-23 23:30 -------- d-----w- c:\users\Administrator\AppData\Local\Downloaded Installations
2011-08-23 23:26 . 2011-08-23 23:26 -------- d-----w- c:\program files (x86)\YAMAHA
2011-08-23 23:24 . 2002-12-05 12:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2011-08-23 23:24 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2011-08-23 23:24 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2011-08-23 23:24 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2011-08-23 23:24 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2011-08-23 23:24 . 2011-08-23 23:24 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2011-08-23 23:24 . 2011-08-23 23:24 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2011-08-23 09:26 . 2011-08-30 09:34 -------- d-----r- c:\users\Administrator\ss
2011-08-21 14:13 . 2011-08-21 20:23 -------- d-----w- C:\Eddy2
2011-08-20 11:39 . 2011-06-30 21:33 46091776 ----a-w- C:\Game-Tool.exe
2011-08-20 09:45 . 2011-08-20 09:46 13304846 ----a-w- C:\MT2ExpMod_1.1.0.0(1).exe
2011-08-19 20:08 . 2011-08-19 20:13 -------- d-----w- c:\program files (x86)\ConTEXT
2011-08-19 12:49 . 2011-08-19 12:48 25908634 ----a-w- C:\MT2ExpMod_1.2.0.0(1).exe
2011-08-19 11:32 . 2011-08-20 10:44 -------- d-----w- c:\users\Administrator\AppData\Roaming\expedit
2011-08-19 11:32 . 2011-01-29 23:48 -------- d-----r- C:\EXP Edit
2011-08-19 11:32 . 2010-12-11 12:32 -------- d-----w- C:\Free_UPX
2011-08-18 20:57 . 2011-08-18 23:08 -------- d-----w- c:\users\Administrator\AppData\Roaming\EditPlus 3
2011-08-18 20:57 . 2011-08-18 20:58 -------- d-----w- c:\program files (x86)\EditPlus 3
2011-08-18 20:31 . 2011-08-18 20:26 25916826 ----a-w- C:\MT2ExpMod_1.2.0.0.exe
2011-08-18 20:12 . 2010-12-01 16:05 1321744 ----a-w-exe C:\EXP_ED~1.EXE
2011-08-17 22:08 . 2011-08-27 10:33 -------- d-----w- c:\program files (x86)\DynDNS Updater
2011-08-16 19:28 . 2011-08-16 19:28 -------- d-----w- c:\users\AppData
2011-08-16 19:28 . 2011-08-16 19:28 -------- d-----w- c:\program files (x86)\Conduit
2011-08-16 19:28 . 2011-08-16 19:28 -------- d-----w- c:\program files (x86)\BS_Player
2011-08-16 19:28 . 2011-08-16 19:29 -------- d-----w- c:\users\Administrator\AppData\Roaming\BSplayer
2011-08-16 19:28 . 2011-08-16 19:28 -------- d-----w- c:\users\Administrator\AppData\Roaming\BSplayer Pro
2011-08-16 19:28 . 2011-08-16 19:28 -------- d-----w- c:\program files (x86)\Webteh
2011-08-16 15:54 . 2011-08-16 15:54 -------- d-----w- C:\hl2
2011-08-16 10:34 . 2011-08-16 10:34 -------- d-----w- c:\users\Administrator\.thumbnails
2011-08-16 10:33 . 2011-08-29 00:37 -------- d-----w- c:\users\Administrator\.gimp-2.6
2011-08-16 10:17 . 2011-08-28 20:06 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-08-15 15:45 . 2011-08-15 15:45 -------- d-----w- c:\program files\Peter
2011-08-15 14:22 . 2011-08-15 14:22 -------- d-----w- c:\users\Administrator\AppData\Local\NFS Underground 2
2011-08-13 10:05 . 2011-08-13 10:05 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-08-07 12:33 . 2011-08-07 12:33 -------- d-----w- c:\program files (x86)\RTF Viewer
2011-08-05 17:25 . 2000-01-01 01:00 167704 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
2011-08-05 17:22 . 2011-08-05 17:22 -------- d-----w- c:\program files\Tracker Software
2011-08-05 10:19 . 2011-08-05 10:19 -------- d-----w- c:\program files (x86)\ICQ6Toolbar
2011-08-05 10:19 . 2011-08-05 10:19 -------- d-----w- c:\programdata\ICQ
2011-08-05 10:18 . 2011-08-30 13:17 -------- d-----w- c:\users\Administrator\AppData\Roaming\ICQ
2011-08-05 10:18 . 2011-08-30 13:14 -------- d-----w- c:\program files (x86)\ICQ7.5
2011-08-04 16:46 . 2011-08-04 16:47 -------- d-----w- c:\program files\Valve
2011-08-03 20:09 . 2011-08-03 20:09 -------- d-----w- c:\users\DZ\.VirtualBox
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-30 13:27 . 2011-08-30 13:27 41472 ----a-w- c:\windows\svchost.com
2011-08-05 16:07 . 2011-06-23 20:07 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-16 19:41 . 2011-06-19 18:02 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-07-16 14:31 . 2011-07-16 14:31 525544 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-25 01:02 . 2011-06-25 01:02 9216 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{7426428E-71D4-452C-BA13-B14E5EB52859}\Icon7426428E16.exe
2011-06-19 19:30 . 2011-06-19 19:30 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-06-02 17:53 . 2011-06-02 17:53 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
2011-06-02 13:50 . 2011-07-16 11:54 2764288 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files (x86)\BS_Player\tbBS_P.dll" [2010-11-29 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2010-11-29 13:26 3908192 ----a-w- c:\program files (x86)\BS_Player\tbBS_P.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files (x86)\BS_Player\tbBS_P.dll" [2010-11-29 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1555968]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-08-30 483192]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-30 4980544]
"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-30 165952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CPU Power Monitor"="c:\program files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-09-06 707584]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2011-08-30 1220096]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-08-30 1312624]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
hamachi.lnk - c:\program files (x86)\Hamachi\hamachi.exe [2011-7-16 699680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoClicker.lnk - d:\c\AutoClickExtreme\AutoClicker.exe [2011-7-3 3006976]
DynDNS Updater Tray Icon.lnk - c:\program files (x86)\DynDNS Updater\DynTray.exe [2011-4-15 233328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 2 (0x2)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);c:\windows\system32\drivers\ymidusbx64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 DynDNS Updater;DynDNS Updater;c:\program files (x86)\DynDNS Updater\DynUpSvc.exe [2011-04-15 93048]
S2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2008-12-11 4297728]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-09-01 235624]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-17 185640]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [x]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1052879530-2571350418-974908233-500Core.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-27 13:16]
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1052879530-2571350418-974908233-500UA.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-27 13:16]
.
2011-08-30 c:\windows\Tasks\User_Feed_Synchronization-{B97A25D9-03BE-46A8-B934-C7C86E756055}.job
- c:\windows\system32\msfeedssync.exe [2010-09-22 21:33]
.
.
--------- x86-64 -----------
.
.
NETSVCS MUSÍ BÝT OPRAVENY - dosavadní položky jsou:
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://www.bigseekpro.com/pivotstickfigure/{7B ... A6D93936BD}
mLocal Page = %SystemRoot%\system32\blank.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.1.100
TCP: Interfaces\{17C5919F-1FA8-487F-90AF-5F9E31C2B18C}: NameServer = 216.146.35.35,216.146.36.36
TCP: Interfaces\{FF7DD46C-4A79-4268-A3DE-EF61F58CF371}: NameServer = 216.146.35.35,216.146.36.36
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\wsacl368.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - google.cz
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q=
.
.
------- Asociace souborů -------
.
exefile=c:\windows\svchost.com "%1" %*
.txt=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{9a29aeac-5ebd-407c-b5e2-144157d51936} - (no file)
BHO-{9a29aeac-5ebd-407c-b5e2-144157d51936} - (no file)
Toolbar-{9a29aeac-5ebd-407c-b5e2-144157d51936} - (no file)
Wow6432Node-HKCU-Run-WeatherBugAlert - c:\program files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
Wow6432Node-HKLM-Run-4StoryPrePatch - d:\program files (x86)\Gameforge4D\4Story\PrePatch.exe
AddRemove-4StoryCZ_is1 - d:\program files (x86)\Gameforge4D\4Story\unins000.exe
AddRemove-7-Zip - c:\program files (x86)\7-Zip\Uninstall.exe
AddRemove-Adobe Flash Player Plugin - c:\windows\SysWOW64\Macromed\Flash\FlashUtil10t_Plugin.exe
AddRemove-Ashampoo ClipFinder HD_is1 - c:\program files (x86)\Ashampoo\Ashampoo ClipFinder HD\unins000.exe
AddRemove-Audacity 1.3 Beta (Unicode)_is1 - c:\program files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe
AddRemove-Cole2k Media - Codec Pack - c:\windows\SysWOW64\C2MP\Uninst.exe
AddRemove-conduitEngine - c:\progra~2\CONDUI~1\ConduitEngineUninstall.exe
AddRemove-Counter-Strike: Source - d:\program files (x86)\Counter-Strike Source\Uninst.exe
AddRemove-Counter-Strike: Source Texture Pack 1.00 - c:\program files (x86)\Counter-Strike Source\Uninstall.exe
AddRemove-DivX Setup.divx.com - c:\programdata\DivX\Setup\DivXSetup.exe
AddRemove-FileZilla Client - d:\program files (x86)\FileZilla FTP Client\uninstall.exe
AddRemove-FL Studio 10 - d:\program files (x86)\Image-Line\FL Studio 10\uninstall.exe
AddRemove-iFree Skype Recorder - c:\program files (x86)\iFree Skype Recorder\uninst.exe
AddRemove-MP3 Audio Recorder - c:\program files (x86)\MP3 Audio Recorder\uninst.exe
AddRemove-NewBlue 3D Explosions for Windows - c:\program files (x86)\NewBlue\3D Explosions for Windows\UninstalVegas.exe
AddRemove-NewBlue 3D Transformations for Windows - c:\program files (x86)\NewBlue\3D Transformations for Windows\UninstalVegas.exe
AddRemove-NVIDIAStereo - c:\program files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe
AddRemove-OJOsoft Total Video Converter_is1 - d:\program files (x86)\OJOsoft\OJOsoft Total Video Converter\unins000.exe
AddRemove-Open Video Converter_is1 - c:\program files (x86)\VideoConverter\unins000.exe
AddRemove-Opera 11.11.2109 - c:\program files (x86)\Opera\Opera.exe
AddRemove-Pivot Stickfigure Animator_is1 - c:\program files (x86)\Pivot Stickfigure Animator\unins000.exe
AddRemove-Pivot Stickfigure Toolbar - c:\program files (x86)\Pivot Stickfigure Toolbar\UninstallToolbar.exe
AddRemove-PluginPac - c:\program files (x86)\Sonic Foundry\Vegas 3.0\Video Plug-Ins\PluginPac\uninst.exe
AddRemove-Pocket Voice Recorder_is1 - c:\program files (x86)\XemiComputers\Pocket Voice Recorder\unins000.exe
AddRemove-PremiumSoft Navicat Lite_is1 - d:\navicat lite\unins000.exe
AddRemove-RadioCatch Toolbar - c:\progra~2\RADIOC~2\UNINST~1.EXE
AddRemove-RadioCatch Web Radio Recorder_is1 - c:\program files (x86)\RadioCatch Web Radio Recorder\unins000.exe
AddRemove-save2pc_is1 - c:\program files (x86)\FDRLab\save2pc\unins000.exe
AddRemove-TmNationsForever_is1 - c:\program files\TmNationsForever\unins000.exe
AddRemove-TmUnitedForever_is1 - d:\tmunitedforever\unins000.exe
AddRemove-uTorrent - d:\program files (x86)\uTorrent\uTorrent.exe
AddRemove-Valve_2 - d:\program files (x86)\Counter-Strike Source\Uninstall.exe
AddRemove-Virtual DJ - Atomix Productions - d:\progra~1\VIRTUA~1\UNWISE.EXE
AddRemove-WampServer 2_is1 - d:\wamp\unins000.exe
AddRemove-WinX Free MP4 to AVI Converter_is1 - c:\program files (x86)\Digiarty\WinX_Free_MP4_to_AVI_Converter\unins000.exe
AddRemove-{14F55D20-A582-4909-BF97-DE6778BB17F3}_is1 - c:\program files (x86)\Skype Recorder\unins000.exe
AddRemove-{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D} - d:\program files\EAUninstall.exe
AddRemove-{81BDE21C-9D90-416A-9D7C-740626209AAC}_is1 - d:\metin2multikliens\unins000.exe
AddRemove-{9DD1E180-64EE-4595-A97F-33FA51E4588B}_is1 - d:\program files (x86)\DaemonicMU Season IV\unins000.exe
AddRemove-{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1 - c:\program files (x86)\MP3Recorder\unins000.exe
AddRemove-{F0A37341-D692-11D4-A984-009027EC0A9C} - c:\program files (x86)\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.avi"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BSPlayerFile.CDA"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\AcroRD32.exe"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.epk\UserChoice]
@Denied: (2) (Administrator)
"Progid"="epk_auto_file"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="com.adobe.flv"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iso\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\BitTorrent.exe"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lua\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\EDITPLUS.EXE"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BSPlayerFile.M3U"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="CCCP.WMP.AssocFile.MKV.1"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BSPlayerFile.MP2"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp4"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="CCCP.WMP.AssocFile.OGM.1"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PNG\UserChoice]
@Denied: (2) (Administrator)
"Progid"="png_auto_file"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.quest\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\ConTEXT.exe"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sub\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\notepad.exe"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\pfstudiox.exe"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAV"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMV"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\ConTEXT.exe"
.
[HKEY_USERS\S-1-5-21-1052879530-2571350418-974908233-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6C12F7B8-A9DC-2323-9E66-62851D642ACA}*]
"makjeblfbafbkaomcdndggcamh"=hex:6f,61,64,70,67,6e,6e,62,67,6c,6c,63,6f,63,70,
6e,61,6a,6c,6e,67,63,67,63,67,65,6c,6b,63,61,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\AASP\1.00.40\aaCenter.exe
c:\users\ADMINI~1\AppData\Local\Temp\3582-490\aaCenter.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\xampp\mysql\bin\mysqld.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
c:\program files (x86)\DAEMON Tools Lite\DTShellHlp.exe
.
**************************************************************************
.
Celkový čas: 2011-08-30 15:31:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-30 13:31
.
Před spuštěním: 8 180 342 784
Po spuštění: 7 785 349 120
.
Current=1 Default=1 Failed=0 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8
- - End Of File - - 8659C91132B22B9A802F3A2B2830B3B5