Acer notebook - please check

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Acer notebook - please check

Post by Martinor » 05 Jan 2011 16:58

My startup is somewhat slow

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58:22, on 5.1.2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\Martinor\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\QIP Infium JadrisPack\qip.exe
C:\Users\Martinor\Desktop\Just Cause 2 v1.0.0.1 + 15 Trainer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Martinor\Downloads\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.6.0_22\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware (registration)] regsvr32.exe /s "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\Windows\is-RQQ4E.exe" /REG /REGSVRMODE
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - Startup: Dropbox.lnk = Martinor\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download All by ASUS Download - C:\Program Files (x86)\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm
O8 - Extra context menu item: Download using ASUS Download - C:\Program Files (x86)\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownload.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PhoneMyPC_Helper - SoftwareForMe Inc - C:\Program Files (x86)\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: ASUS Virtual MFP Service (UsbService) - Unknown owner - C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9828 bytes
Lenovo IdeaPad S540-15IWL - version 81SW000VCK


Re: Acer notebook - please check

Post by memphisto » 05 Jan 2011 17:51

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.

Turn off your resident protection and firewall.
Download Dr. Web CureIt
Run the update; after updating, press Start.
With the buttons at the bottom you can cure a file (system files), delete it, move it or rename it.


Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you


Re: Acer notebook - please check

Post by Martinor » 06 Jan 2011 10:39

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5462

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

6.1.2011 10:39:18
mbam-log-2011-01-06 (10-39-18).txt

Typ kontroly: Rychlý test
Testované objekty: 160958
Uplynulý čas: 3 minut, 1 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


Re: Acer notebook - please check

Post by memphisto » 06 Jan 2011 10:40

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here


Re: Acer notebook - please check

Post by Martinor » 06 Jan 2011 13:30

ComboFix 11-01-05.05 - Martinor 06.01.2011 13:21:29.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3764.2220 [GMT 1:00]
Spuštěný z: c:\users\Martinor\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\In1_32.dll
c:\windows\In2_32.dll
c:\windows\In3_32.dll
c:\windows\In4_32.dll
c:\windows\In5_32.dll
c:\windows\system32\ubgrid.ocx
c:\windows\SysWow64\KIn1_32.dll
c:\windows\SysWow64\KIn2_32.dll
c:\windows\SysWow64\KIn3_32.dll
c:\windows\SysWow64\KIn4_32.dll
c:\windows\SysWow64\KIn5_32.dll
c:\windows\SysWow64\ubgrid.ocx
c:\windows\Total.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-06 do 2011-01-06 )))))))))))))))))))))))))))))))
.

2011-01-06 12:27 . 2011-01-06 12:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-05 15:43 . 2011-01-05 15:43 -------- d-----w- c:\program files (x86)\TeamViewer
2011-01-05 09:34 . 2011-01-05 10:08 -------- d-----w- c:\users\Martinor\AppData\Roaming\Dev-Cpp
2011-01-05 09:34 . 2011-01-05 09:51 -------- d-----w- C:\Dev-Cpp
2011-01-02 21:01 . 2006-11-28 20:46 52800 ----a-w- c:\windows\SysWow64\drivers\PCASp50.sys
2011-01-02 21:01 . 2006-11-28 20:46 41280 ----a-w- c:\windows\SysWow64\drivers\PCASp50a64.sys
2011-01-02 21:01 . 2011-01-02 21:01 -------- d-----w- c:\users\Martinor\AppData\Roaming\InstallShield
2011-01-02 20:58 . 2011-01-02 21:00 -------- d-----w- c:\users\Martinor\AppData\Roaming\Download Manager
2011-01-02 18:04 . 2003-04-21 20:46 61440 ----a-w- c:\windows\SysWow64\ASIW32N50.dll
2011-01-02 18:04 . 2002-09-10 18:35 16302 ----a-w- c:\windows\SysWow64\ASINDIS5.sys
2011-01-02 18:04 . 2001-04-16 04:48 15577 ----a-w- c:\windows\SysWow64\ASINDIS3.vxd
2011-01-02 18:04 . 2011-01-02 18:04 -------- d-----w- c:\program files (x86)\ASUS
2011-01-02 14:05 . 2011-01-02 14:05 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-01-02 13:32 . 2011-01-02 13:36 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-02 13:31 . 2011-01-02 13:31 -------- d-----w- c:\program files (x86)\Adobe Media Player
2010-12-31 00:03 . 2011-01-03 09:28 -------- d-----w- c:\users\Martinor\AppData\Roaming\Media Player Classic
2010-12-31 00:02 . 2010-12-31 00:02 -------- d-----w- c:\program files\Media Player Classic - Home Cinema
2010-12-30 23:01 . 2010-12-30 23:01 -------- d-----w- c:\users\Martinor\AppData\Local\cache
2010-12-30 22:59 . 2010-12-30 23:56 -------- d-----w- c:\users\Martinor\AppData\Local\FullTiltPoker
2010-12-30 22:59 . 2011-01-03 08:09 -------- d-----w- c:\program files (x86)\Full Tilt Poker
2010-12-30 00:45 . 2010-12-30 00:45 5607 ----a-w- c:\windows\~GLH0001.TMP
2010-12-30 00:45 . 2010-12-30 00:45 27136 ----a-w- c:\windows\~GLH0000.TMP
2010-12-30 00:45 . 2010-12-30 00:45 140288 ----a-w- c:\windows\~GLC0000.TMP
2010-12-28 08:24 . 2010-11-16 11:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2DD049A4-A331-4745-A8C6-5154412D5B90}\mpengine.dll
2010-12-27 19:11 . 2010-12-27 19:11 0 ----a-w- c:\windows\SysWow64\REN1C0A.tmp
2010-12-27 19:11 . 2010-12-27 19:11 0 ----a-w- c:\windows\SysWow64\REN1C09.tmp
2010-12-27 19:11 . 2010-12-27 19:11 0 ----a-w- c:\windows\SysWow64\REN1C08.tmp
2010-12-27 19:07 . 2010-12-27 19:07 0 ----a-w- c:\windows\SysWow64\REN3B7B.tmp
2010-12-27 19:07 . 2010-12-27 19:07 0 ----a-w- c:\windows\SysWow64\REN3B7A.tmp
2010-12-27 19:07 . 2010-12-27 19:07 0 ----a-w- c:\windows\SysWow64\REN3A9F.tmp
2010-12-27 19:07 . 2010-12-27 19:12 -------- d-----w- c:\program files (x86)\Java
2010-12-26 23:30 . 2011-01-01 14:12 -------- d-----w- c:\users\Martinor\AppData\Local\ElevatedDiagnostics
2010-12-25 21:07 . 2011-01-05 15:43 -------- d-----w- c:\users\Martinor\AppData\Roaming\TeamViewer
2010-12-25 20:20 . 2010-12-25 20:20 -------- d-----w- c:\program files (x86)\Universal Extractor
2010-12-25 19:58 . 2010-12-25 19:58 -------- d-----w- c:\windows\msagent
2010-12-25 19:58 . 2004-02-22 23:00 119808 ----a-w- c:\windows\SysWow64\Msstdfmt.dll
2010-12-25 19:58 . 2005-12-28 14:44 162816 ----a-w- c:\windows\SysWow64\fmod.dll
2010-12-25 19:58 . 2003-07-22 22:04 32768 ----a-w- c:\windows\SysWow64\inpout32.dll
2010-12-25 19:58 . 2002-01-04 17:16 122880 ----a-w- c:\windows\SysWow64\atDisplay.ocx
2010-12-25 19:58 . 2000-07-09 19:15 106496 ----a-w- c:\windows\SysWow64\MBPrgBar.ocx
2010-12-25 19:58 . 2000-05-22 15:57 140488 ----a-w- c:\windows\SysWow64\comdlg32.ocx
2010-12-25 19:58 . 1999-08-27 15:55 57344 ----a-w- c:\windows\SysWow64\PZUTimer.ocx
2010-12-25 19:58 . 1998-06-26 00:00 644400 ----a-w- c:\windows\SysWow64\Mscomct2.ocx
2010-12-25 19:58 . 1998-06-26 00:00 1062704 ----a-w- c:\windows\SysWow64\Mscomctl.ocx
2010-12-25 19:58 . 1998-06-23 23:00 103744 ----a-w- c:\windows\SysWow64\Mscomm32.ocx
2010-12-25 19:58 . 2010-12-26 23:30 -------- d-----w- c:\program files (x86)\JukeboxPlus5
2010-12-24 21:41 . 2010-12-24 21:41 -------- d-----w- c:\programdata\Cobian
2010-12-24 21:41 . 2011-01-01 16:20 -------- d-----w- c:\program files (x86)\Cobian Backup 9
2010-12-18 21:50 . 2010-12-18 21:50 -------- d-----w- c:\programdata\EA Core
2010-12-17 09:43 . 2011-01-05 07:50 -------- d-----w- c:\program files (x86)\Free PDF to Word Converter
2010-12-14 13:11 . 2010-12-14 13:21 -------- d-----w- c:\program files (x86)\World of Warcraft
2010-12-13 18:53 . 2010-12-13 18:53 -------- d-----w- C:\_OTM
2010-12-13 18:52 . 2010-12-13 18:52 519680 ----a-w- C:\OTM_2.exe
2010-12-12 21:02 . 2010-12-13 10:47 -------- d-----w- c:\program files (x86)\uTorrent
2010-12-12 21:01 . 2011-01-06 11:00 -------- d-----w- c:\users\Martinor\AppData\Roaming\uTorrent
2010-12-09 21:27 . 2010-12-09 21:27 -------- d-----w- C:\games
2010-12-09 16:40 . 2010-12-09 16:40 -------- d-----w- c:\users\Martinor\AppData\Roaming\Malwarebytes
2010-12-09 16:40 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-09 16:40 . 2010-12-09 16:40 -------- d-----w- c:\programdata\Malwarebytes
2010-12-09 16:40 . 2011-01-06 06:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-12-09 16:12 . 2010-12-09 16:12 -------- d-----w- c:\users\Martinor\DoctorWeb
2010-12-07 14:02 . 2010-12-07 14:14 -------- d-----w- c:\program files (x86)\TrackMania Sunrise

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-27 19:11 . 2010-11-29 16:38 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-06 08:35 . 2010-12-06 08:35 86016 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2010-12-06 08:35 . 2010-12-06 08:35 262144 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\SysWow64\GPhotos.scr
2010-12-01 07:11 . 2010-11-24 07:57 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2010-12-01 07:06 . 2010-11-24 07:57 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2010-11-30 18:53 . 2010-11-27 12:54 269128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2010-11-27 16:51 . 2010-11-27 16:51 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2010-11-27 16:22 . 2010-11-27 16:22 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2010-11-27 12:54 . 2010-11-24 07:57 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-11-25 10:46 . 2010-11-25 10:46 29536 ----a-w- c:\windows\SysWow64\drivers\TVicHW32.sys
2010-11-24 08:42 . 2010-11-24 08:42 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2010-11-22 15:14 . 2010-11-22 15:14 737280 ----a-w- c:\windows\iun6002.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-12-13_08.16.00 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-11-22 15:57 . 2010-09-08 04:28 67072 c:\windows\SysWOW64\mshtmled.dll
+ 2010-12-16 19:19 . 2010-11-04 05:49 67072 c:\windows\SysWOW64\mshtmled.dll
+ 2010-12-16 19:19 . 2010-11-04 05:46 12800 c:\windows\SysWOW64\msfeedssync.exe
- 2010-11-22 15:57 . 2010-09-08 04:25 12800 c:\windows\SysWOW64\msfeedssync.exe
- 2010-11-22 15:57 . 2010-09-08 04:28 64512 c:\windows\SysWOW64\msfeedsbs.dll
+ 2010-12-16 19:19 . 2010-11-04 05:49 64512 c:\windows\SysWOW64\msfeedsbs.dll
+ 2010-12-16 19:19 . 2010-11-04 05:52 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2010-11-22 15:57 . 2010-09-08 04:30 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2010-12-16 19:19 . 2010-11-04 05:48 44544 c:\windows\SysWOW64\licmgr10.dll
- 2010-11-22 15:57 . 2010-09-08 04:28 44544 c:\windows\SysWOW64\licmgr10.dll
- 2010-11-22 15:57 . 2010-09-08 04:28 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2010-12-16 19:19 . 2010-11-04 05:48 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2007-12-04 16:02 . 2009-11-26 16:53 53248 c:\windows\SysWOW64\IPCamera.exe
- 2007-12-04 16:02 . 2009-01-06 10:54 53248 c:\windows\SysWOW64\IPCamera.exe
- 2009-07-14 04:54 . 2010-12-12 09:55 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-06 10:59 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-06 10:59 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2010-12-12 09:55 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-06 10:59 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2010-12-12 09:55 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-16 19:19 . 2010-10-20 04:54 34304 c:\windows\SysWOW64\atmlib.dll
- 2010-11-22 15:57 . 2010-05-27 07:24 34304 c:\windows\SysWOW64\atmlib.dll
+ 2010-05-10 23:04 . 2011-01-06 11:00 56592 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-06 11:00 41962 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-22 13:48 . 2011-01-06 06:52 11180 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1933996916-1471762874-1522238108-1001_UserData.bin
+ 2007-06-28 10:46 . 2007-06-28 10:46 66560 c:\windows\system32\nmwcdclsx64.dll
- 2010-11-22 15:57 . 2010-09-08 05:35 97280 c:\windows\system32\mshtmled.dll
+ 2010-12-16 19:19 . 2010-11-04 06:32 97280 c:\windows\system32\mshtmled.dll
+ 2010-12-16 19:19 . 2010-11-04 06:28 12288 c:\windows\system32\msfeedssync.exe
- 2010-11-22 15:57 . 2010-09-08 05:31 12288 c:\windows\system32\msfeedssync.exe
+ 2010-12-16 19:19 . 2010-11-04 06:32 82944 c:\windows\system32\msfeedsbs.dll
- 2010-11-22 15:57 . 2010-09-08 05:35 82944 c:\windows\system32\msfeedsbs.dll
+ 2010-12-16 19:19 . 2010-11-04 06:35 95232 c:\windows\system32\migration\WininetPlugin.dll
- 2010-11-22 15:57 . 2010-09-08 05:36 95232 c:\windows\system32\migration\WininetPlugin.dll
+ 2010-12-16 19:19 . 2010-11-04 06:31 57856 c:\windows\system32\licmgr10.dll
- 2010-11-22 15:57 . 2010-09-08 05:34 57856 c:\windows\system32\licmgr10.dll
+ 2010-12-16 19:19 . 2010-11-04 06:31 64512 c:\windows\system32\jsproxy.dll
- 2010-11-22 15:57 . 2010-09-08 05:34 64512 c:\windows\system32\jsproxy.dll
- 2009-07-14 05:30 . 2010-12-11 17:39 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-01-02 18:05 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-01-02 18:04 . 2007-12-17 09:25 47616 c:\windows\system32\DriverStore\FileRepository\vuh.inf_amd64_neutral_d7a8df34601e4d41\vuhub.sys
+ 2009-04-29 15:28 . 2009-04-29 15:28 30208 c:\windows\system32\DriverStore\FileRepository\uamoudrv.inf_amd64_neutral_f258ee7e96497fcd\KMWDFILTER.sys
+ 2007-06-28 10:46 . 2007-06-28 10:46 66560 c:\windows\system32\DriverStore\FileRepository\nmwcdx64.inf_amd64_neutral_476ea667dfe3f61d\nmwcdclsx64.dll
+ 2007-06-28 10:46 . 2007-06-28 10:46 17408 c:\windows\system32\DriverStore\FileRepository\nmwcdmx64.inf_amd64_neutral_569e3b0493a8386b\nmwcdcmx64.sys
+ 2007-06-28 10:46 . 2007-06-28 10:46 12288 c:\windows\system32\DriverStore\FileRepository\nmwcdcx64.inf_amd64_neutral_84c7b8f8971b88d3\nmwcdcx64.sys
+ 2007-06-28 10:46 . 2007-06-28 10:46 17408 c:\windows\system32\DriverStore\FileRepository\nmwcdcjx64.inf_amd64_neutral_17f2f094e2265e71\nmwcdcjx64.sys
+ 2011-01-02 18:04 . 2007-12-17 09:25 47616 c:\windows\system32\drivers\vuhub.sys
+ 2011-01-02 21:01 . 2006-11-28 20:46 41280 c:\windows\system32\drivers\PCASp50a64.sys
- 2010-12-09 16:40 . 2010-11-29 16:42 24152 c:\windows\system32\drivers\mbam.sys
+ 2010-12-09 16:40 . 2010-12-20 17:08 24152 c:\windows\system32\drivers\mbam.sys
+ 2009-04-29 15:28 . 2009-04-29 15:28 30208 c:\windows\system32\drivers\KMWDFILTER.sys
+ 2010-11-23 04:42 . 2011-01-06 08:23 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-23 04:42 . 2010-12-12 19:40 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-23 04:42 . 2010-12-12 19:40 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-11-23 04:42 . 2011-01-06 08:23 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-01-06 08:23 . 2011-01-06 08:23 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011010620110107\index.dat
+ 2011-01-05 07:28 . 2011-01-05 07:28 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011010520110106\index.dat
+ 2011-01-03 14:50 . 2011-01-03 14:50 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011010320110104\index.dat
+ 2011-01-02 13:25 . 2011-01-02 13:24 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011010220110103\index.dat
+ 2011-01-01 12:55 . 2011-01-01 12:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011010120110102\index.dat
+ 2010-12-30 21:49 . 2010-12-30 21:49 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010123020101231\index.dat
+ 2010-12-29 21:42 . 2010-12-29 21:42 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010122920101230\index.dat
+ 2010-12-28 19:17 . 2010-12-28 19:17 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010122820101229\index.dat
+ 2010-12-27 17:45 . 2010-12-27 17:45 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010122720101228\index.dat
+ 2010-12-26 17:41 . 2010-12-26 17:41 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010122620101227\index.dat
+ 2010-12-25 15:07 . 2010-12-25 15:07 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010122520101226\index.dat
+ 2010-12-24 14:43 . 2010-12-24 14:43 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010122420101225\index.dat
+ 2010-12-23 14:32 . 2010-12-23 14:32 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010122320101224\index.dat
+ 2010-12-22 14:05 . 2010-12-22 14:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010122220101223\index.dat
+ 2010-12-20 13:49 . 2010-12-20 13:49 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010122020101221\index.dat
+ 2010-12-20 13:49 . 2010-12-20 13:49 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010121320101220\index.dat
- 2009-07-14 04:54 . 2010-12-12 19:40 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-06 08:23 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-22 15:57 . 2010-05-27 06:34 46080 c:\windows\system32\atmlib.dll
+ 2010-12-16 19:19 . 2010-10-20 05:20 46080 c:\windows\system32\atmlib.dll
- 2010-11-22 13:57 . 2010-12-12 09:52 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-22 13:57 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-01-02 19:19 82368 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-11-22 13:57 . 2011-01-06 11:00 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-11-22 13:57 . 2010-12-12 09:52 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-11-22 13:57 . 2010-12-12 09:52 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-22 13:57 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-22 13:52 . 2010-12-12 09:52 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-22 13:52 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-22 13:52 . 2010-12-12 09:52 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-22 13:52 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 1998-09-15 16:53 . 1998-09-15 16:53 53313 c:\windows\msagent\mslwvtts.dll
+ 1998-09-15 16:21 . 1998-09-15 16:21 28672 c:\windows\msagent\intl\Agt0409.dll
+ 1998-09-15 16:55 . 1998-09-15 16:55 61504 c:\windows\msagent\AgentSR.dll
+ 1998-09-15 16:21 . 1998-09-15 16:21 36864 c:\windows\msagent\AgentPsh.dll
+ 1998-09-15 16:55 . 1998-09-15 16:55 61505 c:\windows\msagent\AgentMPx.dll
+ 1998-09-15 16:52 . 1998-09-15 16:52 65601 c:\windows\msagent\AgentDPv.dll
+ 1998-09-15 16:51 . 1998-09-15 16:51 61505 c:\windows\msagent\AgentDp2.dll
+ 1998-09-15 16:55 . 1998-09-15 16:55 41010 c:\windows\msagent\AgentAnm.dll
+ 2011-01-02 13:31 . 2011-01-02 13:31 22528 c:\windows\Installer\2fa9ba8.msi
+ 2011-01-02 13:29 . 2011-01-02 13:29 23040 c:\windows\Installer\2fa9b80.msi
+ 2011-01-02 13:29 . 2011-01-02 13:29 31232 c:\windows\Installer\2fa9b7b.msi
+ 2011-01-02 13:28 . 2011-01-02 13:28 10134 c:\windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
+ 2011-01-02 13:28 . 2011-01-02 13:28 10134 c:\windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
+ 2011-01-02 13:31 . 2011-01-02 13:31 10134 c:\windows\Installer\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}\ARPPRODUCTICON.exe
+ 2011-01-02 13:31 . 2011-01-02 13:31 10134 c:\windows\Installer\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}\ARPPRODUCTICON.exe
+ 2011-01-02 13:28 . 2011-01-02 13:28 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
+ 2011-01-02 13:29 . 2011-01-02 13:29 10134 c:\windows\Installer\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}\ARPPRODUCTICON.exe
+ 2011-01-02 13:30 . 2011-01-02 13:30 10134 c:\windows\Installer\{925D058B-564A-443A-B4B2-7E90C6432E55}\ARPPRODUCTICON.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 34144 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\oisicon.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 34144 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\oisicon.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 42848 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\msouc.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 42848 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\msouc.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 19296 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\cagicon.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 19296 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\cagicon.exe
+ 2011-01-02 13:31 . 2011-01-02 13:31 10134 c:\windows\Installer\{8557397C-A42D-486F-97B3-A2CBC2372593}\ARPPRODUCTICON.exe
+ 2011-01-02 13:28 . 2011-01-02 13:28 10134 c:\windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe
+ 2011-01-02 13:30 . 2011-01-02 13:30 10134 c:\windows\Installer\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}\ARPPRODUCTICON.exe
+ 2011-01-02 13:31 . 2011-01-02 13:31 10134 c:\windows\Installer\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}\ARPPRODUCTICON.exe
+ 2011-01-02 13:30 . 2011-01-02 13:30 10134 c:\windows\Installer\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}\ARPPRODUCTICON.exe
+ 2011-01-02 13:28 . 2011-01-02 13:28 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
+ 2011-01-02 13:28 . 2011-01-02 13:28 10134 c:\windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe
- 2010-11-22 15:58 . 2010-06-19 06:15 2048 c:\windows\SysWOW64\tzres.dll
+ 2010-12-16 19:19 . 2010-10-27 04:32 2048 c:\windows\SysWOW64\tzres.dll
+ 2010-11-24 12:07 . 2011-01-05 21:23 3480 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-12-16 19:19 . 2010-10-27 05:06 2048 c:\windows\system32\tzres.dll
- 2010-11-22 15:58 . 2010-06-19 06:48 2048 c:\windows\system32\tzres.dll
+ 2011-01-02 14:40 . 2011-01-02 14:40 9560 c:\windows\system32\NetworkList\Icons\{EA93F70A-E6E9-4505-B329-60D1C9E951D1}_48.bin
+ 2011-01-02 14:40 . 2011-01-02 14:40 4280 c:\windows\system32\NetworkList\Icons\{EA93F70A-E6E9-4505-B329-60D1C9E951D1}_32.bin
+ 2011-01-02 14:40 . 2011-01-02 14:40 2456 c:\windows\system32\NetworkList\Icons\{EA93F70A-E6E9-4505-B329-60D1C9E951D1}_24.bin
+ 2010-12-23 12:05 . 2010-12-23 12:05 9560 c:\windows\system32\NetworkList\Icons\{BCFBBDD9-830C-4B5D-B67D-95B5C353D7C8}_48.bin
+ 2010-12-23 12:05 . 2010-12-23 12:05 4280 c:\windows\system32\NetworkList\Icons\{BCFBBDD9-830C-4B5D-B67D-95B5C353D7C8}_32.bin
+ 2010-12-23 12:05 . 2010-12-23 12:05 2456 c:\windows\system32\NetworkList\Icons\{BCFBBDD9-830C-4B5D-B67D-95B5C353D7C8}_24.bin
+ 2010-12-23 12:07 . 2010-12-23 12:07 9560 c:\windows\system32\NetworkList\Icons\{7FD1BEE5-A7EA-4661-87D0-5E4085CCA8AA}_48.bin
+ 2010-12-23 12:07 . 2010-12-23 12:07 4280 c:\windows\system32\NetworkList\Icons\{7FD1BEE5-A7EA-4661-87D0-5E4085CCA8AA}_32.bin
+ 2010-12-23 12:07 . 2010-12-23 12:07 2456 c:\windows\system32\NetworkList\Icons\{7FD1BEE5-A7EA-4661-87D0-5E4085CCA8AA}_24.bin
+ 2010-12-23 12:39 . 2010-12-23 12:39 9560 c:\windows\system32\NetworkList\Icons\{7DF9D8D9-A37A-4EC5-9B3C-9B1A00E1B2EC}_48.bin
+ 2010-12-23 12:39 . 2010-12-23 12:39 4280 c:\windows\system32\NetworkList\Icons\{7DF9D8D9-A37A-4EC5-9B3C-9B1A00E1B2EC}_32.bin
+ 2010-12-23 12:39 . 2010-12-23 12:39 2456 c:\windows\system32\NetworkList\Icons\{7DF9D8D9-A37A-4EC5-9B3C-9B1A00E1B2EC}_24.bin
+ 2011-01-05 09:24 . 2011-01-05 09:24 9560 c:\windows\system32\NetworkList\Icons\{7CE7E05A-4F50-4EC0-BD95-250380424050}_48.bin
+ 2011-01-05 09:24 . 2011-01-05 09:24 4280 c:\windows\system32\NetworkList\Icons\{7CE7E05A-4F50-4EC0-BD95-250380424050}_32.bin
+ 2011-01-05 09:24 . 2011-01-05 09:24 2456 c:\windows\system32\NetworkList\Icons\{7CE7E05A-4F50-4EC0-BD95-250380424050}_24.bin
+ 2010-12-28 15:10 . 2010-12-28 15:10 9560 c:\windows\system32\NetworkList\Icons\{689A5D2A-03F5-4FF9-8A31-E67C305E3F22}_48.bin
+ 2010-12-28 15:10 . 2010-12-28 15:10 4280 c:\windows\system32\NetworkList\Icons\{689A5D2A-03F5-4FF9-8A31-E67C305E3F22}_32.bin
+ 2010-12-28 15:10 . 2010-12-28 15:10 2456 c:\windows\system32\NetworkList\Icons\{689A5D2A-03F5-4FF9-8A31-E67C305E3F22}_24.bin
+ 2010-12-28 23:07 . 2010-12-28 23:07 9560 c:\windows\system32\NetworkList\Icons\{6057E19D-EAB8-4EC9-9269-36B1487ED388}_48.bin
+ 2010-12-28 23:07 . 2010-12-28 23:07 4280 c:\windows\system32\NetworkList\Icons\{6057E19D-EAB8-4EC9-9269-36B1487ED388}_32.bin
+ 2010-12-28 23:07 . 2010-12-28 23:07 2456 c:\windows\system32\NetworkList\Icons\{6057E19D-EAB8-4EC9-9269-36B1487ED388}_24.bin
+ 2010-12-28 22:58 . 2010-12-28 22:58 9560 c:\windows\system32\NetworkList\Icons\{44B4C8BB-D819-43AC-8852-E68BA0251A49}_48.bin
+ 2010-12-28 22:58 . 2010-12-28 22:58 4280 c:\windows\system32\NetworkList\Icons\{44B4C8BB-D819-43AC-8852-E68BA0251A49}_32.bin
+ 2010-12-28 22:58 . 2010-12-28 22:58 2456 c:\windows\system32\NetworkList\Icons\{44B4C8BB-D819-43AC-8852-E68BA0251A49}_24.bin
+ 2010-08-22 15:40 . 2011-01-05 21:23 6078 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2010-12-12 09:50 . 2010-12-12 09:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-06 10:58 . 2011-01-06 10:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-06 10:58 . 2011-01-06 10:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-12-12 09:50 . 2010-12-12 09:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-12-16 19:19 . 2010-11-04 05:52 978944 c:\windows\SysWOW64\wininet.dll
+ 2010-12-16 19:19 . 2010-10-16 04:36 314368 c:\windows\SysWOW64\webio.dll
+ 2010-12-16 19:19 . 2010-11-02 04:40 496128 c:\windows\SysWOW64\taskschd.dll
- 2009-07-13 23:30 . 2009-07-14 01:16 496128 c:\windows\SysWOW64\taskschd.dll
+ 2010-12-16 19:19 . 2010-11-02 04:34 192000 c:\windows\SysWOW64\taskeng.exe
+ 2010-12-16 19:19 . 2010-11-02 04:40 305152 c:\windows\SysWOW64\taskcomp.dll
+ 2010-12-16 19:19 . 2010-11-02 04:34 179712 c:\windows\SysWOW64\schtasks.exe
- 2010-11-22 15:57 . 2010-09-08 04:28 606208 c:\windows\SysWOW64\mstime.dll
+ 2010-12-16 19:19 . 2010-11-04 05:49 606208 c:\windows\SysWOW64\mstime.dll
+ 2010-03-05 09:13 . 2010-03-05 09:13 947472 c:\windows\SysWOW64\msjava.dll
- 2010-11-22 15:57 . 2010-09-08 04:28 599040 c:\windows\SysWOW64\msfeeds.dll
+ 2010-12-16 19:19 . 2010-11-04 05:49 599040 c:\windows\SysWOW64\msfeeds.dll
+ 2010-12-27 19:12 . 2010-12-27 19:11 153376 c:\windows\SysWOW64\javaws.exe
- 2010-11-29 16:38 . 2010-11-29 16:38 153376 c:\windows\SysWOW64\javaws.exe
+ 2010-12-27 19:12 . 2010-12-27 19:11 145184 c:\windows\SysWOW64\javaw.exe
- 2010-11-29 16:38 . 2010-11-29 16:38 145184 c:\windows\SysWOW64\javaw.exe
+ 2010-12-27 19:12 . 2010-12-27 19:11 145184 c:\windows\SysWOW64\java.exe
- 2010-11-29 16:38 . 2010-11-29 16:38 145184 c:\windows\SysWOW64\java.exe
+ 2010-12-16 19:19 . 2010-11-04 05:48 176640 c:\windows\SysWOW64\ieui.dll
- 2010-11-22 15:57 . 2010-09-08 04:28 176640 c:\windows\SysWOW64\ieui.dll
+ 2010-12-16 19:19 . 2010-11-04 05:48 185856 c:\windows\SysWOW64\iepeers.dll
- 2010-11-22 15:57 . 2010-09-08 04:28 185856 c:\windows\SysWOW64\iepeers.dll
- 2010-11-22 15:57 . 2010-09-08 04:27 381440 c:\windows\SysWOW64\iedkcs32.dll
+ 2010-12-16 19:19 . 2010-11-04 05:48 381440 c:\windows\SysWOW64\iedkcs32.dll
+ 2010-12-16 19:19 . 2010-10-20 02:58 294400 c:\windows\SysWOW64\atmfd.dll
+ 2010-12-16 19:19 . 2010-11-02 05:18 524288 c:\windows\system32\wmicmiplugin.dll
+ 2010-12-16 19:19 . 2010-10-16 05:19 395776 c:\windows\system32\webio.dll
+ 2010-11-25 10:50 . 2011-01-06 07:53 366802 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-11-24 11:50 . 2010-12-26 14:14 293798 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2010-12-16 19:19 . 2010-11-02 05:10 464384 c:\windows\system32\taskeng.exe
- 2009-07-13 23:47 . 2009-07-14 01:41 473600 c:\windows\system32\taskcomp.dll
+ 2010-12-16 19:19 . 2010-11-02 05:17 473600 c:\windows\system32\taskcomp.dll
+ 2010-12-16 19:19 . 2010-11-02 05:10 285696 c:\windows\system32\schtasks.exe
+ 2009-07-14 02:36 . 2011-01-06 12:16 620150 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2010-12-12 20:06 620150 c:\windows\system32\perfh009.dat
+ 2010-08-22 16:06 . 2011-01-06 12:16 635232 c:\windows\system32\perfh005.dat
- 2010-08-22 16:06 . 2010-12-12 20:06 635232 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-01-06 12:16 108332 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2010-12-12 20:06 108332 c:\windows\system32\perfc009.dat
- 2010-08-22 16:06 . 2010-12-12 20:06 123974 c:\windows\system32\perfc005.dat
+ 2010-08-22 16:06 . 2011-01-06 12:16 123974 c:\windows\system32\perfc005.dat
+ 2007-06-28 10:46 . 2007-06-28 10:46 170496 c:\windows\system32\nsesetupx64.dll
+ 2007-06-28 10:46 . 2007-06-28 10:46 198656 c:\windows\system32\nmwcdcoclsx64.dll
+ 2010-12-16 19:19 . 2010-11-04 06:32 703488 c:\windows\system32\msfeeds.dll
- 2010-11-22 14:32 . 2010-10-19 20:51 270720 c:\windows\system32\MpSigStub.exe
+ 2010-11-22 14:32 . 2010-10-19 09:41 270720 c:\windows\system32\MpSigStub.exe
+ 2010-12-16 19:19 . 2010-11-04 06:31 247808 c:\windows\system32\ieui.dll
- 2010-11-22 15:57 . 2010-09-08 05:34 247808 c:\windows\system32\ieui.dll
- 2010-11-22 15:57 . 2010-09-08 05:34 256000 c:\windows\system32\iepeers.dll
+ 2010-12-16 19:19 . 2010-11-04 06:31 256000 c:\windows\system32\iepeers.dll
+ 2010-12-16 19:19 . 2010-11-04 06:31 445952 c:\windows\system32\iedkcs32.dll
- 2010-11-22 15:57 . 2010-09-08 05:34 445952 c:\windows\system32\iedkcs32.dll
+ 2009-07-14 05:30 . 2011-01-02 18:05 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2010-12-11 17:39 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-01-02 18:05 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2010-12-11 17:39 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2007-06-28 10:46 . 2007-06-28 10:46 170496 c:\windows\system32\DriverStore\FileRepository\nmwcdx64.inf_amd64_neutral_476ea667dfe3f61d\nsesetupx64.dll
+ 2007-06-28 10:47 . 2007-06-28 10:47 173056 c:\windows\system32\DriverStore\FileRepository\nmwcdx64.inf_amd64_neutral_476ea667dfe3f61d\nmwcdx64.sys
+ 2007-06-28 10:46 . 2007-06-28 10:46 198656 c:\windows\system32\DriverStore\FileRepository\nmwcdx64.inf_amd64_neutral_476ea667dfe3f61d\nmwcdcoclsx64.dll
+ 2007-06-28 10:47 . 2007-06-28 10:47 173056 c:\windows\system32\drivers\nmwcdx64.sys
+ 2010-12-28 14:58 . 2010-04-09 11:06 374664 c:\windows\system32\drivers\netio.sys
+ 2010-12-16 19:19 . 2010-10-16 05:23 112000 c:\windows\system32\consent.exe
- 2009-07-14 05:12 . 2010-12-10 21:09 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2010-12-27 14:59 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-12-16 19:19 . 2010-10-20 03:05 367104 c:\windows\system32\atmfd.dll
- 2010-11-22 14:21 . 2010-11-22 16:27 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-11-22 14:21 . 2011-01-05 07:47 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-01-02 15:09 . 2011-01-01 23:36 262144 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-11-22 18:57 . 2011-01-01 17:55 592872 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 1998-10-02 12:00 . 1998-10-02 12:00 274497 c:\windows\msagent\AgentSvr.exe
+ 1998-09-15 16:54 . 1998-09-15 16:54 163905 c:\windows\msagent\AgentCtl.dll
+ 2010-11-10 23:38 . 2010-11-10 23:38 986624 c:\windows\Installer\44ee6.msp
+ 2010-07-22 01:44 . 2010-07-22 01:44 248832 c:\windows\Installer\44ec6.msp
+ 2010-04-07 14:49 . 2010-04-07 14:49 532992 c:\windows\Installer\2fa9b9e.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 620032 c:\windows\Installer\2fa9b94.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 510976 c:\windows\Installer\2fa9b8a.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 607744 c:\windows\Installer\2fa9b85.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 606208 c:\windows\Installer\2fa9b5c.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 725504 c:\windows\Installer\2fa9b52.msi
+ 2010-11-22 18:52 . 2010-12-17 06:04 415584 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pubs.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 415584 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pubs.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 303456 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\outicon.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 303456 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\outicon.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 571232 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\misc.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 571232 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\misc.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 326496 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\joticon.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 326496 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\joticon.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 469856 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\inficon.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 469856 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\inficon.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 178528 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\grvicons.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 178528 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\grvicons.exe
+ 2010-01-09 20:51 . 2010-01-09 20:51 143736 c:\windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\MSCONV97.DLL
- 2010-11-22 15:57 . 2010-09-08 04:30 1226752 c:\windows\SysWOW64\urlmon.dll
+ 2010-12-16 19:19 . 2010-11-04 05:52 1226752 c:\windows\SysWOW64\urlmon.dll
+ 2010-12-16 19:19 . 2010-11-04 05:49 5978112 c:\windows\SysWOW64\mshtml.dll
+ 2010-12-16 19:19 . 2010-11-04 05:48 2063360 c:\windows\SysWOW64\iertutil.dll
+ 2010-12-16 19:19 . 2010-11-04 06:35 1194496 c:\windows\system32\wininet.dll
+ 2010-12-16 19:19 . 2010-10-20 03:09 3124224 c:\windows\system32\win32k.sys
+ 2010-12-16 19:19 . 2010-11-04 06:35 1495040 c:\windows\system32\urlmon.dll
- 2010-11-22 15:57 . 2010-09-08 05:36 1495040 c:\windows\system32\urlmon.dll
+ 2010-12-16 19:19 . 2010-11-02 05:17 1169408 c:\windows\system32\taskschd.dll
+ 2010-12-16 19:19 . 2010-11-02 05:16 1114624 c:\windows\system32\schedsvc.dll
+ 2010-12-16 19:19 . 2010-11-04 06:32 1026560 c:\windows\system32\mstime.dll
+ 2010-12-16 19:19 . 2010-11-04 06:32 9306624 c:\windows\system32\mshtml.dll
+ 2010-12-16 19:19 . 2010-11-04 06:31 2447872 c:\windows\system32\iertutil.dll
+ 2009-07-14 04:45 . 2011-01-02 19:11 4899936 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2011-01-02 16:16 3852951 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2010-12-11 17:47 3852951 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-10-10 12:13 . 2010-10-10 12:13 9295360 c:\windows\Installer\44ef5.msp
+ 2010-11-10 23:38 . 2010-11-10 23:38 1068032 c:\windows\Installer\44ee7.msp
+ 2010-11-10 23:38 . 2010-11-10 23:38 1423872 c:\windows\Installer\44ee5.msp
+ 2010-11-19 12:37 . 2010-11-19 12:37 3445248 c:\windows\Installer\44eb0.msp
+ 2010-04-07 14:49 . 2010-04-07 14:49 2258944 c:\windows\Installer\2fa9bad.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 9998336 c:\windows\Installer\2fa9ba3.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 3123200 c:\windows\Installer\2fa9b99.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 1911808 c:\windows\Installer\2fa9b8f.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 1528320 c:\windows\Installer\2fa9b66.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 3670016 c:\windows\Installer\2fa9b57.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 1997312 c:\windows\Installer\2fa9b4d.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 2211328 c:\windows\Installer\2fa9b48.msi
- 2010-11-22 18:52 . 2010-11-23 02:02 1479520 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\xlicons.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 1479520 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\xlicons.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 1858400 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\wordicon.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 1858400 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\wordicon.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 3792736 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pptico.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 3792736 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pptico.exe
- 2010-11-22 18:52 . 2010-11-23 02:02 1449312 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\accicons.exe
+ 2010-11-22 18:52 . 2010-12-17 06:04 1449312 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\accicons.exe
+ 2010-03-01 04:22 . 2010-03-01 04:22 3114368 c:\windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\GKWORD.DLL
+ 2010-03-01 04:22 . 2010-03-01 04:22 2780032 c:\windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\GKPOWERPOINT.DLL
+ 2010-03-01 04:22 . 2010-03-01 04:22 4563328 c:\windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\GKEXCEL.DLL
+ 2010-12-16 19:19 . 2010-11-04 05:48 10989056 c:\windows\SysWOW64\ieframe.dll
- 2009-07-14 02:34 . 2010-12-12 20:01 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-01-06 11:09 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2010-11-22 16:00 . 2010-12-17 06:05 39298504 c:\windows\system32\MRT.exe
- 2010-11-22 15:57 . 2010-09-08 05:34 12369408 c:\windows\system32\ieframe.dll
+ 2010-12-16 19:19 . 2010-11-04 06:31 12369408 c:\windows\system32\ieframe.dll
+ 2010-11-10 23:36 . 2010-11-10 23:36 14808064 c:\windows\Installer\44eee.msp
+ 2010-12-27 19:11 . 2010-12-27 19:11 12589568 c:\windows\Installer\318fa.msi
+ 2010-04-07 14:49 . 2010-04-07 14:49 12719104 c:\windows\Installer\2fa9b61.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
Lenovo IdeaPad S540-15IWL - version 81SW000VCK


Re: Acer notebook - please check

Post by Martinor » 06 Jan 2011 13:31

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2010-11-22 3265944]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2010-12-12 395640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-21 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-05-26 960080]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]

c:\users\Martinor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Martinor\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-12-17 23343848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 136176]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-12-02 40448]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-05-20 38248]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-05-20 55336]
R3 atillk64;atillk64;c:\program files (x86)\AMD GPU Clock Tool\atillk64.sys [x]
R3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv64.sys [2009-12-08 512512]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-05-20 294760]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 202792]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-05-20 52584]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-05-20 156392]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-05-25 264040]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-30 26752]
R3 flash;flash;c:\users\Martinor\Downloads\star\BIOS_Acer_1.19_A_A\BIOS_Acer_1.19_Windows\Winflash32\flash.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\nmwcdx64.sys [2007-06-28 173056]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 448512]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TVICHW32;TVICHW32;c:\windows\system32\DRIVERS\TVICHW32.SYS [2010-11-25 21200]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-22 1255736]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [2009-02-03 77432]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-22 834544]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-21 202752]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-05-26 47776]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-10-30 348160]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-07 397312]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [2010-05-11 20968]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-05-26 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-01-20 819232]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-11-13 137792]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 PhoneMyPC_Helper;PhoneMyPC_Helper;c:\program files (x86)\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [2010-08-22 30208]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S2 UsbService;ASUS Virtual MFP Service;c:\program files (x86)\ASUS\Printer Utilities\UsbService64.exe [2010-02-11 326144]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-21 188928]
S3 AmdTools64;AMD Special Tools Driver;c:\windows\system32\DRIVERS\AmdTools64.sys [2008-04-28 47160]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-05-20 32296]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-04-21 10322848]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
S3 vuhub;Virtual Usb Hub;c:\windows\system32\DRIVERS\vuhub.sys [2007-12-17 47616]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]


--- Ostatní služby/ovladače v paměti ---

*Deregistered* - NisDrv
.
Obsah adresáře 'Naplánované úlohy'

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 15:21]

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 15:21]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-11-03 14:41 82136 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-20 9996320]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-01-20 877600]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-05-26 585376]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-05-26 354464]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2010-03-09 345648]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-01-20 496160]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-21 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-21 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-21 413720]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download All by ASUS Download - c:\program files (x86)\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm
IE: Download using ASUS Download - c:\program files (x86)\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownload.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Martinor\AppData\Roaming\Mozilla\Firefox\Profiles\sz4lh5z9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/ig
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Fasterfox Extra: {ABD782DD-6EA5-4008-A03D-3FF46E886D38} - %profile%\extensions\{ABD782DD-6EA5-4008-A03D-3FF46E886D38}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-01-06 13:29:48
ComboFix-quarantined-files.txt 2011-01-06 12:29
ComboFix2.txt 2010-12-13 15:46
ComboFix3.txt 2010-12-13 08:17

Před spuštěním: Volných bajtů: 422 098 423 808
Po spuštění: Volných bajtů: 422 115 160 064

- - End Of File - - D045C1C046F8F98677E517E7A61207BE
Lenovo IdeaPad S540-15IWL - version 81SW000VCK

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male

Re: Acer notebook - requesting a check

Post by memphisto » 06 Jan 2011 17:41

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code:

KillAll::
File::
c:\windows\iun6002.exe

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=-
"ConsentPromptBehaviorAdmin"=-
"PromptOnSecureDesktop"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process


Test these on VirusTotal:
c:\windows\SysWow64\REN1C0A.tmp
c:\windows\SysWow64\REN1C09.tmp
c:\windows\SysWow64\REN1C08.tmp
c:\windows\SysWow64\REN3B7B.tmp
c:\windows\SysWow64\REN3B7A.tmp
c:\windows\SysWow64\REN3A9F.tmp
c:\windows\SysWow64\PZUTimer.ocx
c:\windows\SysWOW64\IPCamera.exe

Click Select to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to that page with the mouse and paste it into your post.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you

Martinor
Level 3
Posts: 437
Registered: November 06
Location: Brno
Gender: Male

Re: Acer notebook - requesting a check

Post by Martinor » 06 Jan 2011 19:09

ComboFix 11-01-06.01 - Martinor 06.01.2011 18:50:54.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3764.2634 [GMT 1:00]
Spuštěný z: c:\users\Martinor\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martinor\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\windows\iun6002.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\iun6002.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-06 do 2011-01-06 )))))))))))))))))))))))))))))))
.

2011-01-06 18:00 . 2011-01-06 18:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-05 15:43 . 2011-01-05 15:43 -------- d-----w- c:\program files (x86)\TeamViewer
2011-01-05 09:34 . 2011-01-05 10:08 -------- d-----w- c:\users\Martinor\AppData\Roaming\Dev-Cpp
2011-01-05 09:34 . 2011-01-05 09:51 -------- d-----w- C:\Dev-Cpp
2011-01-02 21:01 . 2006-11-28 20:46 52800 ----a-w- c:\windows\SysWow64\drivers\PCASp50.sys
2011-01-02 21:01 . 2006-11-28 20:46 41280 ----a-w- c:\windows\SysWow64\drivers\PCASp50a64.sys
2011-01-02 21:01 . 2011-01-02 21:01 -------- d-----w- c:\users\Martinor\AppData\Roaming\InstallShield
2011-01-02 20:58 . 2011-01-02 21:00 -------- d-----w- c:\users\Martinor\AppData\Roaming\Download Manager
2011-01-02 18:04 . 2003-04-21 20:46 61440 ----a-w- c:\windows\SysWow64\ASIW32N50.dll
2011-01-02 18:04 . 2002-09-10 18:35 16302 ----a-w- c:\windows\SysWow64\ASINDIS5.sys
2011-01-02 18:04 . 2001-04-16 04:48 15577 ----a-w- c:\windows\SysWow64\ASINDIS3.vxd
2011-01-02 18:04 . 2011-01-02 18:04 -------- d-----w- c:\program files (x86)\ASUS
2011-01-02 14:05 . 2011-01-02 14:05 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-01-02 13:32 . 2011-01-02 13:36 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-02 13:31 . 2011-01-02 13:31 -------- d-----w- c:\program files (x86)\Adobe Media Player
2010-12-31 00:03 . 2011-01-03 09:28 -------- d-----w- c:\users\Martinor\AppData\Roaming\Media Player Classic
2010-12-31 00:02 . 2010-12-31 00:02 -------- d-----w- c:\program files\Media Player Classic - Home Cinema
2010-12-30 23:01 . 2010-12-30 23:01 -------- d-----w- c:\users\Martinor\AppData\Local\cache
2010-12-30 22:59 . 2010-12-30 23:56 -------- d-----w- c:\users\Martinor\AppData\Local\FullTiltPoker
2010-12-30 22:59 . 2011-01-03 08:09 -------- d-----w- c:\program files (x86)\Full Tilt Poker
2010-12-30 00:45 . 2010-12-30 00:45 5607 ----a-w- c:\windows\~GLH0001.TMP
2010-12-30 00:45 . 2010-12-30 00:45 27136 ----a-w- c:\windows\~GLH0000.TMP
2010-12-30 00:45 . 2010-12-30 00:45 140288 ----a-w- c:\windows\~GLC0000.TMP
2010-12-28 08:24 . 2010-11-16 11:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2DD049A4-A331-4745-A8C6-5154412D5B90}\mpengine.dll
2010-12-27 19:11 . 2010-12-27 19:11 0 ----a-w- c:\windows\SysWow64\REN1C0A.tmp
2010-12-27 19:11 . 2010-12-27 19:11 0 ----a-w- c:\windows\SysWow64\REN1C09.tmp
2010-12-27 19:11 . 2010-12-27 19:11 0 ----a-w- c:\windows\SysWow64\REN1C08.tmp
2010-12-27 19:07 . 2010-12-27 19:07 0 ----a-w- c:\windows\SysWow64\REN3B7B.tmp
2010-12-27 19:07 . 2010-12-27 19:07 0 ----a-w- c:\windows\SysWow64\REN3B7A.tmp
2010-12-27 19:07 . 2010-12-27 19:07 0 ----a-w- c:\windows\SysWow64\REN3A9F.tmp
2010-12-27 19:07 . 2010-12-27 19:12 -------- d-----w- c:\program files (x86)\Java
2010-12-26 23:30 . 2011-01-01 14:12 -------- d-----w- c:\users\Martinor\AppData\Local\ElevatedDiagnostics
2010-12-25 21:07 . 2011-01-05 15:43 -------- d-----w- c:\users\Martinor\AppData\Roaming\TeamViewer
2010-12-25 20:20 . 2010-12-25 20:20 -------- d-----w- c:\program files (x86)\Universal Extractor
2010-12-25 19:58 . 2010-12-25 19:58 -------- d-----w- c:\windows\msagent
2010-12-25 19:58 . 2004-02-22 23:00 119808 ----a-w- c:\windows\SysWow64\Msstdfmt.dll
2010-12-25 19:58 . 2005-12-28 14:44 162816 ----a-w- c:\windows\SysWow64\fmod.dll
2010-12-25 19:58 . 2003-07-22 22:04 32768 ----a-w- c:\windows\SysWow64\inpout32.dll
2010-12-25 19:58 . 2002-01-04 17:16 122880 ----a-w- c:\windows\SysWow64\atDisplay.ocx
2010-12-25 19:58 . 2000-07-09 19:15 106496 ----a-w- c:\windows\SysWow64\MBPrgBar.ocx
2010-12-25 19:58 . 2000-05-22 15:57 140488 ----a-w- c:\windows\SysWow64\comdlg32.ocx
2010-12-25 19:58 . 1999-08-27 15:55 57344 ----a-w- c:\windows\SysWow64\PZUTimer.ocx
2010-12-25 19:58 . 1998-06-26 00:00 644400 ----a-w- c:\windows\SysWow64\Mscomct2.ocx
2010-12-25 19:58 . 1998-06-26 00:00 1062704 ----a-w- c:\windows\SysWow64\Mscomctl.ocx
2010-12-25 19:58 . 1998-06-23 23:00 103744 ----a-w- c:\windows\SysWow64\Mscomm32.ocx
2010-12-25 19:58 . 2010-12-26 23:30 -------- d-----w- c:\program files (x86)\JukeboxPlus5
2010-12-24 21:41 . 2010-12-24 21:41 -------- d-----w- c:\programdata\Cobian
2010-12-24 21:41 . 2011-01-01 16:20 -------- d-----w- c:\program files (x86)\Cobian Backup 9
2010-12-18 21:50 . 2010-12-18 21:50 -------- d-----w- c:\programdata\EA Core
2010-12-17 09:43 . 2011-01-05 07:50 -------- d-----w- c:\program files (x86)\Free PDF to Word Converter
2010-12-14 13:11 . 2010-12-14 13:21 -------- d-----w- c:\program files (x86)\World of Warcraft
2010-12-13 18:53 . 2010-12-13 18:53 -------- d-----w- C:\_OTM
2010-12-12 21:02 . 2010-12-13 10:47 -------- d-----w- c:\program files (x86)\uTorrent
2010-12-12 21:01 . 2011-01-06 18:02 -------- d-----w- c:\users\Martinor\AppData\Roaming\uTorrent
2010-12-09 21:27 . 2010-12-09 21:27 -------- d-----w- C:\games
2010-12-09 16:40 . 2010-12-09 16:40 -------- d-----w- c:\users\Martinor\AppData\Roaming\Malwarebytes
2010-12-09 16:40 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-09 16:40 . 2010-12-09 16:40 -------- d-----w- c:\programdata\Malwarebytes
2010-12-09 16:40 . 2011-01-06 06:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-12-09 16:12 . 2010-12-09 16:12 -------- d-----w- c:\users\Martinor\DoctorWeb

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-27 19:11 . 2010-11-29 16:38 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-06 08:35 . 2010-12-06 08:35 86016 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2010-12-06 08:35 . 2010-12-06 08:35 262144 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\SysWow64\GPhotos.scr
2010-12-01 07:11 . 2010-11-24 07:57 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2010-12-01 07:06 . 2010-11-24 07:57 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2010-11-30 18:53 . 2010-11-27 12:54 269128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2010-11-27 16:51 . 2010-11-27 16:51 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2010-11-27 16:22 . 2010-11-27 16:22 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2010-11-27 12:54 . 2010-11-24 07:57 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-11-25 10:46 . 2010-11-25 10:46 29536 ----a-w- c:\windows\SysWow64\drivers\TVicHW32.sys
2010-11-24 08:42 . 2010-11-24 08:42 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
.

((((((((((((((((((((((((((((( SnapShot_2011-01-06_12.27.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-01-06 18:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-01-06 10:59 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-06 18:01 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-06 10:59 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-06 10:59 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-06 18:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-10 23:04 . 2011-01-06 12:35 56934 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-06 12:35 42018 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-22 13:48 . 2011-01-06 12:35 11204 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1933996916-1471762874-1522238108-1001_UserData.bin
- 2010-11-22 13:57 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-22 13:57 . 2011-01-06 18:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-22 13:57 . 2011-01-06 11:00 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-11-22 13:57 . 2011-01-06 18:02 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-11-22 13:57 . 2011-01-06 18:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-22 13:57 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-22 13:52 . 2011-01-06 18:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-22 13:52 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-22 13:52 . 2011-01-06 18:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-22 13:52 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-24 12:07 . 2011-01-05 21:23 3480 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-11-24 12:07 . 2011-01-06 18:00 3480 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-08-22 15:40 . 2011-01-06 18:00 6078 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2010-08-22 15:40 . 2011-01-05 21:23 6078 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-01-06 10:58 . 2011-01-06 10:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-06 18:01 . 2011-01-06 18:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-01-06 10:58 . 2011-01-06 10:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-06 18:01 . 2011-01-06 18:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-11-25 10:50 . 2011-01-06 17:39 367956 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-07-14 02:36 . 2011-01-06 17:47 620150 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-01-06 12:16 620150 c:\windows\system32\perfh009.dat
- 2010-08-22 16:06 . 2011-01-06 12:16 635232 c:\windows\system32\perfh005.dat
+ 2010-08-22 16:06 . 2011-01-06 17:47 635232 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-01-06 12:16 108332 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-01-06 17:47 108332 c:\windows\system32\perfc009.dat
- 2010-08-22 16:06 . 2011-01-06 12:16 123974 c:\windows\system32\perfc005.dat
+ 2010-08-22 16:06 . 2011-01-06 17:47 123974 c:\windows\system32\perfc005.dat
+ 2010-11-22 14:21 . 2011-01-06 18:02 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-11-22 14:21 . 2011-01-05 07:47 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 02:34 . 2011-01-06 11:09 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-01-06 12:47 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2010-11-22 3265944]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2010-12-12 395640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-21 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-05-26 960080]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]

c:\users\Martinor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Martinor\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-12-17 23343848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 136176]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-12-02 40448]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-05-20 55336]
R3 atillk64;atillk64;c:\program files (x86)\AMD GPU Clock Tool\atillk64.sys [x]
R3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv64.sys [2009-12-08 512512]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-30 26752]
R3 flash;flash;c:\users\Martinor\Downloads\star\BIOS_Acer_1.19_A_A\BIOS_Acer_1.19_Windows\Winflash32\flash.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\nmwcdx64.sys [2007-06-28 173056]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 448512]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TVICHW32;TVICHW32;c:\windows\system32\DRIVERS\TVICHW32.SYS [2010-11-25 21200]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-22 1255736]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [2009-02-03 77432]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-22 834544]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-21 202752]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-05-26 47776]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-10-30 348160]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-07 397312]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [2010-05-11 20968]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-05-26 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-01-20 819232]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-11-13 137792]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 PhoneMyPC_Helper;PhoneMyPC_Helper;c:\program files (x86)\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [2010-08-22 30208]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S2 UsbService;ASUS Virtual MFP Service;c:\program files (x86)\ASUS\Printer Utilities\UsbService64.exe [2010-02-11 326144]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-21 188928]
S3 AmdTools64;AMD Special Tools Driver;c:\windows\system32\DRIVERS\AmdTools64.sys [2008-04-28 47160]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-05-20 38248]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-05-20 294760]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-05-20 32296]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-05-20 52584]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-05-20 156392]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-05-25 264040]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-04-21 10322848]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
S3 vuhub;Virtual Usb Hub;c:\windows\system32\DRIVERS\vuhub.sys [2007-12-17 47616]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

.
Obsah adresáře 'Naplánované úlohy'

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 15:21]

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 15:21]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-11-03 14:41 82136 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-20 9996320]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-01-20 877600]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-05-26 585376]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-05-26 354464]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2010-03-09 345648]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-01-20 496160]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-21 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-21 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-21 413720]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download All by ASUS Download - c:\program files (x86)\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm
IE: Download using ASUS Download - c:\program files (x86)\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownload.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Martinor\AppData\Roaming\Mozilla\Firefox\Profiles\sz4lh5z9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/ig
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Fasterfox Extra: {ABD782DD-6EA5-4008-A03D-3FF46E886D38} - %profile%\extensions\{ABD782DD-6EA5-4008-A03D-3FF46E886D38}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Celkový čas: 2011-01-06 19:06:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-06 18:06
ComboFix2.txt 2011-01-06 12:29
ComboFix3.txt 2010-12-13 15:46
ComboFix4.txt 2010-12-13 08:17

Před spuštěním: Volných bajtů: 409 899 110 400
Po spuštění: Volných bajtů: 409 861 984 256

- - End Of File - - 90646023AF2E486ABA259AB7963102B9

Re: Acer notebook - please check

Post by Martinor » 06 Jan 2011 19:23

So I uploaded it to VirusTotal.
PZUTimer.ocx and IPcamera.exe came back with no detections.
As for the other .tmp files, they have zero size, so they can't be uploaded or sent by e-mail. What should I do about that?
But I know IPcamera.exe; I have an IP camera connected through it.

Re: Acer notebook - please check

Post by memphisto » 06 Jan 2011 19:44

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code:

KillAll::
File::
c:\windows\~GLH0001.TMP
c:\windows\~GLH0000.TMP
c:\windows\~GLC0000.TMP
c:\windows\SysWow64\REN1C0A.tmp
c:\windows\SysWow64\REN1C09.tmp
c:\windows\SysWow64\REN1C08.tmp
c:\windows\SysWow64\REN3B7B.tmp
c:\windows\SysWow64\REN3B7A.tmp
c:\windows\SysWow64\REN3A9F.tmp
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh005.dat
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc005.dat

Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process

Re: Acer notebook - please check

Post by Martinor » 06 Jan 2011 19:59

ComboFix 11-01-06.02 - Martinor 06.01.2011 19:48:11.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3764.2323 [GMT 1:00]
Spuštěný z: c:\users\Martinor\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martinor\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\windows\~GLC0000.TMP"
"c:\windows\~GLH0000.TMP"
"c:\windows\~GLH0001.TMP"
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
"c:\windows\system32\perfh005.dat"
"c:\windows\system32\perfh009.dat"
"c:\windows\SysWow64\REN1C08.tmp"
"c:\windows\SysWow64\REN1C09.tmp"
"c:\windows\SysWow64\REN1C0A.tmp"
"c:\windows\SysWow64\REN3A9F.tmp"
"c:\windows\SysWow64\REN3B7A.tmp"
"c:\windows\SysWow64\REN3B7B.tmp"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Martinor\Desktop\Internet Explorer.lnk
c:\windows\~GLC0000.TMP
c:\windows\~GLH0000.TMP
c:\windows\~GLH0001.TMP
c:\windows\SysWow64\REN1C08.tmp
c:\windows\SysWow64\REN1C09.tmp
c:\windows\SysWow64\REN1C0A.tmp
c:\windows\SysWow64\REN3A9F.tmp
c:\windows\SysWow64\REN3B7A.tmp
c:\windows\SysWow64\REN3B7B.tmp

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-06 do 2011-01-06 )))))))))))))))))))))))))))))))
.

2011-01-06 18:52 . 2011-01-06 18:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-05 15:43 . 2011-01-05 15:43 -------- d-----w- c:\program files (x86)\TeamViewer
2011-01-05 09:34 . 2011-01-05 10:08 -------- d-----w- c:\users\Martinor\AppData\Roaming\Dev-Cpp
2011-01-05 09:34 . 2011-01-05 09:51 -------- d-----w- C:\Dev-Cpp
2011-01-02 21:01 . 2006-11-28 20:46 52800 ----a-w- c:\windows\SysWow64\drivers\PCASp50.sys
2011-01-02 21:01 . 2006-11-28 20:46 41280 ----a-w- c:\windows\SysWow64\drivers\PCASp50a64.sys
2011-01-02 21:01 . 2011-01-02 21:01 -------- d-----w- c:\users\Martinor\AppData\Roaming\InstallShield
2011-01-02 20:58 . 2011-01-02 21:00 -------- d-----w- c:\users\Martinor\AppData\Roaming\Download Manager
2011-01-02 18:04 . 2003-04-21 20:46 61440 ----a-w- c:\windows\SysWow64\ASIW32N50.dll
2011-01-02 18:04 . 2002-09-10 18:35 16302 ----a-w- c:\windows\SysWow64\ASINDIS5.sys
2011-01-02 18:04 . 2001-04-16 04:48 15577 ----a-w- c:\windows\SysWow64\ASINDIS3.vxd
2011-01-02 18:04 . 2011-01-02 18:04 -------- d-----w- c:\program files (x86)\ASUS
2011-01-02 14:05 . 2011-01-02 14:05 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-01-02 13:32 . 2011-01-02 13:36 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-02 13:31 . 2011-01-02 13:31 -------- d-----w- c:\program files (x86)\Adobe Media Player
2010-12-31 00:03 . 2011-01-03 09:28 -------- d-----w- c:\users\Martinor\AppData\Roaming\Media Player Classic
2010-12-31 00:02 . 2010-12-31 00:02 -------- d-----w- c:\program files\Media Player Classic - Home Cinema
2010-12-30 23:01 . 2010-12-30 23:01 -------- d-----w- c:\users\Martinor\AppData\Local\cache
2010-12-30 22:59 . 2010-12-30 23:56 -------- d-----w- c:\users\Martinor\AppData\Local\FullTiltPoker
2010-12-30 22:59 . 2011-01-03 08:09 -------- d-----w- c:\program files (x86)\Full Tilt Poker
2010-12-28 08:24 . 2010-11-16 11:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2DD049A4-A331-4745-A8C6-5154412D5B90}\mpengine.dll
2010-12-27 19:07 . 2010-12-27 19:12 -------- d-----w- c:\program files (x86)\Java
2010-12-26 23:30 . 2011-01-01 14:12 -------- d-----w- c:\users\Martinor\AppData\Local\ElevatedDiagnostics
2010-12-25 21:07 . 2011-01-05 15:43 -------- d-----w- c:\users\Martinor\AppData\Roaming\TeamViewer
2010-12-25 20:20 . 2010-12-25 20:20 -------- d-----w- c:\program files (x86)\Universal Extractor
2010-12-25 19:58 . 2010-12-25 19:58 -------- d-----w- c:\windows\msagent
2010-12-25 19:58 . 2004-02-22 23:00 119808 ----a-w- c:\windows\SysWow64\Msstdfmt.dll
2010-12-25 19:58 . 2005-12-28 14:44 162816 ----a-w- c:\windows\SysWow64\fmod.dll
2010-12-25 19:58 . 2003-07-22 22:04 32768 ----a-w- c:\windows\SysWow64\inpout32.dll
2010-12-25 19:58 . 2002-01-04 17:16 122880 ----a-w- c:\windows\SysWow64\atDisplay.ocx
2010-12-25 19:58 . 2000-07-09 19:15 106496 ----a-w- c:\windows\SysWow64\MBPrgBar.ocx
2010-12-25 19:58 . 2000-05-22 15:57 140488 ----a-w- c:\windows\SysWow64\comdlg32.ocx
2010-12-25 19:58 . 1999-08-27 15:55 57344 ----a-w- c:\windows\SysWow64\PZUTimer.ocx
2010-12-25 19:58 . 1998-06-26 00:00 644400 ----a-w- c:\windows\SysWow64\Mscomct2.ocx
2010-12-25 19:58 . 1998-06-26 00:00 1062704 ----a-w- c:\windows\SysWow64\Mscomctl.ocx
2010-12-25 19:58 . 1998-06-23 23:00 103744 ----a-w- c:\windows\SysWow64\Mscomm32.ocx
2010-12-25 19:58 . 2010-12-26 23:30 -------- d-----w- c:\program files (x86)\JukeboxPlus5
2010-12-24 21:41 . 2010-12-24 21:41 -------- d-----w- c:\programdata\Cobian
2010-12-24 21:41 . 2011-01-01 16:20 -------- d-----w- c:\program files (x86)\Cobian Backup 9
2010-12-18 21:50 . 2010-12-18 21:50 -------- d-----w- c:\programdata\EA Core
2010-12-17 09:43 . 2011-01-05 07:50 -------- d-----w- c:\program files (x86)\Free PDF to Word Converter
2010-12-14 13:11 . 2010-12-14 13:21 -------- d-----w- c:\program files (x86)\World of Warcraft
2010-12-13 18:53 . 2010-12-13 18:53 -------- d-----w- C:\_OTM
2010-12-12 21:02 . 2010-12-13 10:47 -------- d-----w- c:\program files (x86)\uTorrent
2010-12-12 21:01 . 2011-01-06 18:54 -------- d-----w- c:\users\Martinor\AppData\Roaming\uTorrent
2010-12-09 21:27 . 2010-12-09 21:27 -------- d-----w- C:\games
2010-12-09 16:40 . 2010-12-09 16:40 -------- d-----w- c:\users\Martinor\AppData\Roaming\Malwarebytes
2010-12-09 16:40 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-09 16:40 . 2010-12-09 16:40 -------- d-----w- c:\programdata\Malwarebytes
2010-12-09 16:40 . 2011-01-06 06:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-12-09 16:12 . 2010-12-09 16:12 -------- d-----w- c:\users\Martinor\DoctorWeb

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-27 19:11 . 2010-11-29 16:38 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-06 08:35 . 2010-12-06 08:35 86016 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2010-12-06 08:35 . 2010-12-06 08:35 262144 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\SysWow64\GPhotos.scr
2010-12-01 07:11 . 2010-11-24 07:57 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2010-12-01 07:06 . 2010-11-24 07:57 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2010-11-30 18:53 . 2010-11-27 12:54 269128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2010-11-27 16:51 . 2010-11-27 16:51 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2010-11-27 16:22 . 2010-11-27 16:22 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2010-11-27 12:54 . 2010-11-24 07:57 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-11-25 10:46 . 2010-11-25 10:46 29536 ----a-w- c:\windows\SysWow64\drivers\TVicHW32.sys
2010-11-24 08:42 . 2010-11-24 08:42 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
.

((((((((((((((((((((((((((((( SnapShot_2011-01-06_12.27.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-01-06 18:53 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-01-06 10:59 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-06 18:53 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-06 10:59 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-06 10:59 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-06 18:53 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-10 23:04 . 2011-01-06 12:35 56934 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-06 18:03 42066 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-22 13:48 . 2011-01-06 18:03 11532 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1933996916-1471762874-1522238108-1001_UserData.bin
- 2010-11-22 13:57 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-22 13:57 . 2011-01-06 18:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-22 13:57 . 2011-01-06 11:00 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-11-22 13:57 . 2011-01-06 18:54 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-11-22 13:57 . 2011-01-06 18:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-22 13:57 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-22 13:52 . 2011-01-06 18:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-22 13:52 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-22 13:52 . 2011-01-06 18:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-22 13:52 . 2011-01-06 11:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-24 12:07 . 2011-01-05 21:23 3480 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-11-24 12:07 . 2011-01-06 18:00 3480 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-08-22 15:40 . 2011-01-06 18:52 6078 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2010-08-22 15:40 . 2011-01-05 21:23 6078 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-01-06 10:58 . 2011-01-06 10:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-06 18:53 . 2011-01-06 18:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-01-06 10:58 . 2011-01-06 10:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-06 18:53 . 2011-01-06 18:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-11-25 10:50 . 2011-01-06 17:39 367956 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-07-14 02:36 . 2011-01-06 18:08 620150 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-01-06 12:16 620150 c:\windows\system32\perfh009.dat
- 2010-08-22 16:06 . 2011-01-06 12:16 635232 c:\windows\system32\perfh005.dat
+ 2010-08-22 16:06 . 2011-01-06 18:08 635232 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-01-06 12:16 108332 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-01-06 18:08 108332 c:\windows\system32\perfc009.dat
- 2010-08-22 16:06 . 2011-01-06 12:16 123974 c:\windows\system32\perfc005.dat
+ 2010-08-22 16:06 . 2011-01-06 18:08 123974 c:\windows\system32\perfc005.dat
+ 2010-11-22 14:21 . 2011-01-06 18:54 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-11-22 14:21 . 2011-01-05 07:47 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 02:34 . 2011-01-06 11:09 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-01-06 18:17 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2010-11-22 3265944]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2010-12-12 395640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-21 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-05-26 960080]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]

c:\users\Martinor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Martinor\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-12-17 23343848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 136176]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-12-02 40448]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-05-20 55336]
R3 atillk64;atillk64;c:\program files (x86)\AMD GPU Clock Tool\atillk64.sys [x]
R3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv64.sys [2009-12-08 512512]
R3 CFcatchme;CFcatchme;c:\users\Martinor\AppData\Local\Temp\CFcatchme.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-30 26752]
R3 flash;flash;c:\users\Martinor\Downloads\star\BIOS_Acer_1.19_A_A\BIOS_Acer_1.19_Windows\Winflash32\flash.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\nmwcdx64.sys [2007-06-28 173056]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 448512]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TVICHW32;TVICHW32;c:\windows\system32\DRIVERS\TVICHW32.SYS [2010-11-25 21200]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-22 1255736]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [2009-02-03 77432]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-22 834544]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-21 202752]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-05-26 47776]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-10-30 348160]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-07 397312]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [2010-05-11 20968]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-05-26 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-01-20 819232]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-11-13 137792]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 PhoneMyPC_Helper;PhoneMyPC_Helper;c:\program files (x86)\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [2010-08-22 30208]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S2 UsbService;ASUS Virtual MFP Service;c:\program files (x86)\ASUS\Printer Utilities\UsbService64.exe [2010-02-11 326144]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-21 188928]
S3 AmdTools64;AMD Special Tools Driver;c:\windows\system32\DRIVERS\AmdTools64.sys [2008-04-28 47160]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-05-20 38248]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-05-20 294760]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-05-20 32296]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-05-20 52584]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-05-20 156392]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-05-25 264040]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-04-21 10322848]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
S3 vuhub;Virtual Usb Hub;c:\windows\system32\DRIVERS\vuhub.sys [2007-12-17 47616]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

.
Obsah adresáře 'Naplánované úlohy'

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 15:21]

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 15:21]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Martinor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-11-03 14:41 82136 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-20 9996320]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-01-20 877600]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-05-26 585376]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-05-26 354464]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2010-03-09 345648]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-01-20 496160]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-21 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-21 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-21 413720]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download All by ASUS Download - c:\program files (x86)\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm
IE: Download using ASUS Download - c:\program files (x86)\ASUS\WL-500gP V2 Wireless Router Utilities\ASDownload.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Martinor\AppData\Roaming\Mozilla\Firefox\Profiles\sz4lh5z9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/ig
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Fasterfox Extra: {ABD782DD-6EA5-4008-A03D-3FF46E886D38} - %profile%\extensions\{ABD782DD-6EA5-4008-A03D-3FF46E886D38}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Celkový čas: 2011-01-06 19:58:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-06 18:58
ComboFix2.txt 2011-01-06 18:06
ComboFix3.txt 2011-01-06 12:29
ComboFix4.txt 2010-12-13 15:46
ComboFix5.txt 2011-01-06 18:47

Před spuštěním: Volných bajtů: 409 892 327 424
Po spuštění: Volných bajtů: 409 847 050 240

- - End Of File - - A258BBA3644BFBCC0B4D68C0C2C566F9
Lenovo IdeaPad S540-15IWL - version 81SW000VCK

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Acer notebook - please check

Post by memphisto » 06 Jan 2011 21:06

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

clean the system with CCleaner

and also use T-Cleaner
it deletes everything left behind by Combo, MWAV, etc. - download > run

Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on.


+HJT

How is the PC behaving?
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.

