Frozen notebook (Solved)

Post by methis » 24 Jun 2011 00:17

Hello, my notebook started acting up today. At first it was just slow, but now it freezes completely after a few minutes. HiJackThis does not even finish. So I only have a log from safe mode, where the notebook runs without problems, but that is probably useless, right?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:13:59, on 24.6.2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\MissMys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MissMys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\MissMys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MissMys\Downloads\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Google Update] "C:\Users\MissMys\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 8589 bytes


Post by Žbeky » 24 Jun 2011 06:53

Fix these:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\MissMys\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Download ATF Cleaner.
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
When the cleanup is done, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, and so on.

Download Malwarebytes' Anti-Malware.
Install it and run it.
- At the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button.
- If an update is found, it will be downloaded and installed.
- The program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button.
- When the scan finishes, a message appears; click OK and then the Show Results button.
- Then choose Save Logfile and save the log to the desktop.
- After that, click the Exit button; a message appears, so choose Yes.
(Do not delete anything yet!)
Then paste the contents of that log here.

Post by methis » 24 Jun 2011 10:02

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Verze databáze: 6931

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

24.6.2011 9:57:03
mbam-log-2011-06-24 (09-57-03).txt

Typ: Rychlá kontrola
Kontrolované objekty: 153494
Uplynulý čas: 2 minut, 41 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


Post by jaro3 » 24 Jun 2011 10:21

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button.
- Then follow the instructions; while ComboFix is running, do not click in the window that appears.
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here.
If there are problems, run it in safe mode.

Post by methis » 24 Jun 2011 11:22

ComboFix 11-06-23.03 - MissMys 24.06.2011 11:04:52.3.2 - x86 NETWORK
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2038.1582 [GMT 2:00]
Spuštěný z: c:\users\MissMys\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-24 do 2011-06-24 )))))))))))))))))))))))))))))))
.
.
2011-06-24 09:16 . 2011-06-24 09:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-24 08:20 . 2011-06-24 08:20 -------- d-----w- c:\users\MissMys\AppData\Local\Ahead
2011-06-23 17:32 . 2011-06-23 17:32 -------- d-----w- C:\9802ab276ef2b53332
2011-06-22 06:05 . 2011-06-22 06:05 -------- d-----w- c:\windows\system32\SPReview
2011-06-22 06:04 . 2011-06-22 06:04 -------- d-----w- c:\windows\system32\EventProviders
2011-06-21 08:39 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0203FAF9-0B44-417C-A7A0-935E6A5F4A46}\mpengine.dll
2011-06-21 01:05 . 2011-06-21 01:05 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-06-19 13:33 . 2011-06-21 01:03 -------- d-----w- c:\program files\Microsoft Works
2011-06-19 13:30 . 2011-06-19 13:30 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-06-15 14:07 . 2011-06-16 06:41 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-15 09:42 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 09:42 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 09:42 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 09:42 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 09:42 . 2011-04-25 02:35 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 09:42 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 09:42 . 2011-04-27 02:33 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-15 09:42 . 2010-12-18 05:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 09:42 . 2011-01-17 05:38 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 09:40 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 09:40 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 09:40 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-10 12:00 . 2011-06-10 12:00 -------- d-----w- c:\program files\Tracker Software
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-05-26 22:07 . 2011-05-26 22:09 -------- d-----w- c:\users\MissMys\AppData\Roaming\vlc
2011-05-26 22:07 . 2011-05-26 22:07 -------- d-----w- c:\program files\VideoLAN
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-11 18:13 . 2011-01-06 15:36 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-05-29 07:11 . 2011-04-12 14:15 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2011-04-12 14:15 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 17:14 . 2010-07-26 11:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-18 20:07 . 2011-05-18 20:07 65536 ----a-r- c:\users\MissMys\AppData\Roaming\Microsoft\Installer\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}\ICON_ScreenshotReader.exe
2011-05-18 20:07 . 2011-05-18 20:07 65536 ----a-r- c:\users\MissMys\AppData\Roaming\Microsoft\Installer\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}\ICON_FineReader.exe
2011-05-10 12:10 . 2011-04-12 20:04 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-12 20:04 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-12 20:04 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-04-12 20:04 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-12 20:04 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-12 20:04 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-12 20:04 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-12 20:04 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-04 20:17 . 2010-12-28 23:42 284744 ----a-w- c:\windows\system32\guard32.dll
2011-05-04 20:17 . 2011-01-06 15:36 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-05-04 20:17 . 2011-01-06 15:36 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-05-04 20:17 . 2011-01-06 15:36 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-04-22 19:36 . 2011-05-25 06:55 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-16 19:19 . 2011-04-16 19:19 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-09 06:13 . 2011-05-11 17:48 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 17:48 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-18 21:13 123904 ----a-w- c:\windows\system32\poqexec.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-11 2552648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2010-7-26 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-02 691696]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-05-04 238960]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-26 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-05-04 37592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-414971957-2290763319-2668887875-1001Core.job
- c:\users\MissMys\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-07 08:54]
.
2011-06-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-414971957-2290763319-2668887875-1001UA.job
- c:\users\MissMys\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-07 08:54]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}\D49775C414E4: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\MissMys\AppData\Roaming\Mozilla\Firefox\Profiles\2cnw3fw9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: LogMeInClient@logmein.com - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Zoom Page: zoompage@DW-dev - %profile%\extensions\zoompage@DW-dev
FF - Ext: FxIF: {11483926-db67-4190-91b1-ef20fcec5f33} - %profile%\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-OEXPRESS - (no file)
HKCU-Run-Nektra OEAPI - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.032"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.apd"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.arw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bay"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.cs1"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.djv"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.djvu"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.fff"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.fpx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.gif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.icn"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iff"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ilbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.int"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.inta"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iw4"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.j2c"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.j2k"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jbr"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jfif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jp2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpc"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpe"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpg"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jpk"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jpx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.kdc"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.lbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.mef"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.nrw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pbr"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pct"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.pgm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pic"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.pict"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pix"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.ppm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pspbrush"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ras"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgb"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgba"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rsb"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.rw2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.rwl"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.sgi"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.sr2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.thm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.wbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xpm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{335F5FCC-696D-4D4A-F52D-2BD12BDC4776}*]
"napoooinkjaejfmcjekpmgbckong"=hex:6b,61,65,6f,6c,6c,63,70,6c,6d,62,69,6e,66,
6d,61,61,62,6c,61,68,68,00,00
"oafpefaphahiihadeonimicgjllgaa"=hex:6b,61,65,6f,6c,6c,63,70,6c,6d,62,69,6e,66,
6d,61,61,62,6c,61,68,68,00,00
"gbnahiddeihpgkhcfgcfcfnfliljoolkcbpbdpcoljojka"=hex:66,61,6c,61,65,68,6c,6d,
65,6e,68,63,00,00
"bbhbnephaaehjiijmjdgbbbnieomfgbglhlh"=hex:68,62,66,70,69,61,6e,6c,66,70,6a,65,
66,6d,6e,66,67,65,69,6a,67,68,70,70,6b,70,68,6a,67,64,6a,62,69,64,6c,6b,6c,\
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}*]
"iabljpoalpaagepknj"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,70,
65,63,00,00
"haladepacbchghhk"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,70,
65,63,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}\InProcServer32*]
"japkoliikiidoelbjlbj"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,
70,65,63,00,00
"iapkinomklkkhblnko"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,70,
65,63,00,00
.
Celkový čas: 2011-06-24 11:19:04
ComboFix-quarantined-files.txt 2011-06-24 09:19
ComboFix2.txt 2011-04-12 15:59
.
Před spuštěním: Volných bajtů: 323 451 961 344
Po spuštění: Volných bajtů: 323 397 521 408
.
- - End Of File - - C933BF00A38E453F5F52CD7DB0A07EF7

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Frozen notebook

Post by jaro3 » 24 Jun 2011 13:25

You have 3 antispyware shields enabled:

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


You must keep only one and permanently disable the others....
If you have the full Comodo suite, keep that one, uninstall Avast, and turn off Windows Defender..

The Comodo settings are here:
http://www.viry.cz/forum/viewtopic.php?f=29&t=73650

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code:

File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-414971957-2290763319-2668887875-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-414971957-2290763319-2668887875-1001UA.job

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=-
"ConsentPromptBehaviorAdmin"=-
"PromptOnSecureDesktop"=-


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process + a new log from HJT


Warning: It may happen that after applying the script and restarting the computer, Windows will not boot; in that case restart the computer again, keep pressing F8 and then choose Last Known Good Configuration.


TCP: Interfaces\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25
Do you know those IPs??
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

methis
Level 1
Posts: 99
Registered: November 10
Gender: Not specified
Status: Offline

Re: Frozen notebook

Post by methis » 24 Jun 2011 13:33

I'm on it... I don't know those IPs. As for the spyware - I have avast free antivirus and comodo firewall - not the whole suite..... Thanks for now

methis
Level 1
Posts: 99
Registered: November 10
Gender: Not specified
Status: Offline

Re: Frozen notebook

Post by methis » 24 Jun 2011 14:33

ComboFix 11-06-23.03 - MissMys 24.06.2011 13:39:29.4.2 - x86 NETWORK
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2038.1402 [GMT 2:00]
Spuštěný z: c:\users\MissMys\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MissMys\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-414971957-2290763319-2668887875-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-414971957-2290763319-2668887875-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-414971957-2290763319-2668887875-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-414971957-2290763319-2668887875-1001UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-24 do 2011-06-24 )))))))))))))))))))))))))))))))
.
.
2011-06-24 11:51 . 2011-06-24 11:51 -------- d-----w- c:\users\MissMys\AppData\Local\temp
2011-06-24 11:51 . 2011-06-24 11:51 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-24 11:51 . 2011-06-24 11:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-24 09:34 . 2011-06-24 09:34 -------- d-----w- c:\users\MissMys\AppData\Local\Adobe
2011-06-24 08:20 . 2011-06-24 08:20 -------- d-----w- c:\users\MissMys\AppData\Local\Ahead
2011-06-23 17:32 . 2011-06-23 17:32 -------- d-----w- C:\9802ab276ef2b53332
2011-06-22 06:05 . 2011-06-22 06:05 -------- d-----w- c:\windows\system32\SPReview
2011-06-22 06:04 . 2011-06-22 06:04 -------- d-----w- c:\windows\system32\EventProviders
2011-06-21 08:39 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0203FAF9-0B44-417C-A7A0-935E6A5F4A46}\mpengine.dll
2011-06-21 01:05 . 2011-06-21 01:05 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-06-19 13:33 . 2011-06-21 01:03 -------- d-----w- c:\program files\Microsoft Works
2011-06-19 13:30 . 2011-06-19 13:30 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-06-15 14:07 . 2011-06-16 06:41 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-15 09:42 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 09:42 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 09:42 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 09:42 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 09:42 . 2011-04-25 02:35 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 09:42 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 09:42 . 2011-04-27 02:33 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-15 09:42 . 2010-12-18 05:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 09:42 . 2011-01-17 05:38 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 09:40 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 09:40 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 09:40 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-10 12:00 . 2011-06-10 12:00 -------- d-----w- c:\program files\Tracker Software
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-05-26 22:07 . 2011-05-26 22:09 -------- d-----w- c:\users\MissMys\AppData\Roaming\vlc
2011-05-26 22:07 . 2011-05-26 22:07 -------- d-----w- c:\program files\VideoLAN
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-11 18:13 . 2011-01-06 15:36 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-05-29 07:11 . 2011-04-12 14:15 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2011-04-12 14:15 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 17:14 . 2010-07-26 11:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-18 20:07 . 2011-05-18 20:07 65536 ----a-r- c:\users\MissMys\AppData\Roaming\Microsoft\Installer\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}\ICON_ScreenshotReader.exe
2011-05-18 20:07 . 2011-05-18 20:07 65536 ----a-r- c:\users\MissMys\AppData\Roaming\Microsoft\Installer\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}\ICON_FineReader.exe
2011-05-10 12:10 . 2011-04-12 20:04 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-12 20:04 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-12 20:04 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-04-12 20:04 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-12 20:04 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-12 20:04 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-12 20:04 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-12 20:04 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-04 20:17 . 2010-12-28 23:42 284744 ----a-w- c:\windows\system32\guard32.dll
2011-05-04 20:17 . 2011-01-06 15:36 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-05-04 20:17 . 2011-01-06 15:36 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-05-04 20:17 . 2011-01-06 15:36 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-04-22 19:36 . 2011-05-25 06:55 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-16 19:19 . 2011-04-16 19:19 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-09 06:13 . 2011-05-11 17:48 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 17:48 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-18 21:13 123904 ----a-w- c:\windows\system32\poqexec.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-11 2552648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2010-7-26 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-02 691696]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-05-04 238960]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-26 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-05-04 37592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}\D49775C414E4: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\MissMys\AppData\Roaming\Mozilla\Firefox\Profiles\2cnw3fw9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: LogMeInClient@logmein.com - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Zoom Page: zoompage@DW-dev - %profile%\extensions\zoompage@DW-dev
FF - Ext: FxIF: {11483926-db67-4190-91b1-ef20fcec5f33} - %profile%\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.032"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.apd"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.arw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bay"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.cs1"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.djv"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.djvu"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.fff"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.fpx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.gif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.icn"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iff"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ilbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.int"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.inta"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iw4"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.j2c"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.j2k"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jbr"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jfif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jp2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpc"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpe"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpg"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jpk"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jpx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.kdc"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.lbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.mef"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.nrw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pbr"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pct"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.pgm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pic"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.pict"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pix"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.ppm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pspbrush"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ras"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgb"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgba"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rsb"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.rw2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.rwl"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.sgi"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.sr2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.thm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.wbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xpm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{335F5FCC-696D-4D4A-F52D-2BD12BDC4776}*]
"napoooinkjaejfmcjekpmgbckong"=hex:6b,61,65,6f,6c,6c,63,70,6c,6d,62,69,6e,66,
6d,61,61,62,6c,61,68,68,00,00
"oafpefaphahiihadeonimicgjllgaa"=hex:6b,61,65,6f,6c,6c,63,70,6c,6d,62,69,6e,66,
6d,61,61,62,6c,61,68,68,00,00
"gbnahiddeihpgkhcfgcfcfnfliljoolkcbpbdpcoljojka"=hex:66,61,6c,61,65,68,6c,6d,
65,6e,68,63,00,00
"bbhbnephaaehjiijmjdgbbbnieomfgbglhlh"=hex:68,62,66,70,69,61,6e,6c,66,70,6a,65,
66,6d,6e,66,67,65,69,6a,67,68,70,70,6b,70,68,6a,67,64,6a,62,69,64,6c,6b,6c,\
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}*]
"iabljpoalpaagepknj"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,70,
65,63,00,00
"haladepacbchghhk"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,70,
65,63,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}\InProcServer32*]
"japkoliikiidoelbjlbj"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,
70,65,63,00,00
"iapkinomklkkhblnko"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,70,
65,63,00,00
.
Celkový čas: 2011-06-24 13:54:14
ComboFix-quarantined-files.txt 2011-06-24 11:54
ComboFix2.txt 2011-06-24 09:19
ComboFix3.txt 2011-04-12 15:59
.
Před spuštěním: Volných bajtů: 323 393 462 272
Po spuštění: Volných bajtů: 323 341 213 696
.
- - End Of File - - 2007BDA6F5D6C93963B457A6A1156599

Re: Frozen notebook

Post by methis » 24 Jun 2011 15:09

Otherwise I have to keep running in safe mode all the time; in normal mode it keeps freezing.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Frozen notebook

Post by jaro3 » 24 Jun 2011 18:02

Those antispyware shields need to be dealt with!! They are all turned on!!

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script

Code:

KillAll::
DDS::
TCP: Interfaces\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25

RegNull::
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{335F5FCC-696D-4D4A-F52D-2BD12BDC4776}*]
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}*]

RegLock::
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{335F5FCC-696D-4D4A-F52D-2BD12BDC4776}*]
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}\InProcServer32*]


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that pops up at the end of the cleaning process + a new HJT log


Warning: It may happen that after applying the script and restarting the computer, Windows will not boot; in that case restart the computer again, keep pressing F8, and then choose Last Known Good Configuration.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Frozen notebook

Post by methis » 24 Jun 2011 18:56

ComboFix 11-06-23.03 - MissMys 24.06.2011 18:26:47.5.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2038.972 [GMT 2:00]
Spuštěný z: c:\users\MissMys\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MissMys\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-24 do 2011-06-24 )))))))))))))))))))))))))))))))
.
.
2011-06-24 16:47 . 2011-06-24 16:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-24 11:54 . 2011-06-24 16:49 -------- d-----w- c:\users\MissMys\AppData\Local\temp
2011-06-24 08:20 . 2011-06-24 08:20 -------- d-----w- c:\users\MissMys\AppData\Local\Ahead
2011-06-23 17:32 . 2011-06-23 17:32 -------- d-----w- C:\9802ab276ef2b53332
2011-06-22 06:05 . 2011-06-22 06:05 -------- d-----w- c:\windows\system32\SPReview
2011-06-22 06:04 . 2011-06-22 06:04 -------- d-----w- c:\windows\system32\EventProviders
2011-06-21 08:39 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0203FAF9-0B44-417C-A7A0-935E6A5F4A46}\mpengine.dll
2011-06-21 01:05 . 2011-06-21 01:05 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-06-19 13:33 . 2011-06-21 01:03 -------- d-----w- c:\program files\Microsoft Works
2011-06-19 13:30 . 2011-06-19 13:30 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-06-15 14:07 . 2011-06-16 06:41 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-15 09:42 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 09:42 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 09:42 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 09:42 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 09:42 . 2011-04-25 02:35 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 09:42 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 09:42 . 2011-04-27 02:33 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-15 09:42 . 2010-12-18 05:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 09:42 . 2011-01-17 05:38 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 09:40 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 09:40 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 09:40 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-10 12:00 . 2011-06-10 12:00 -------- d-----w- c:\program files\Tracker Software
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-05-26 22:07 . 2011-05-26 22:09 -------- d-----w- c:\users\MissMys\AppData\Roaming\vlc
2011-05-26 22:07 . 2011-05-26 22:07 -------- d-----w- c:\program files\VideoLAN
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-11 18:13 . 2011-01-06 15:36 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-05-29 07:11 . 2011-04-12 14:15 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2011-04-12 14:15 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 17:14 . 2010-07-26 11:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-18 20:07 . 2011-05-18 20:07 65536 ----a-r- c:\users\MissMys\AppData\Roaming\Microsoft\Installer\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}\ICON_ScreenshotReader.exe
2011-05-18 20:07 . 2011-05-18 20:07 65536 ----a-r- c:\users\MissMys\AppData\Roaming\Microsoft\Installer\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}\ICON_FineReader.exe
2011-05-10 12:10 . 2011-04-12 20:04 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-12 20:04 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-12 20:04 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-04-12 20:04 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-12 20:04 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-12 20:04 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-12 20:04 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-12 20:04 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-04 20:17 . 2010-12-28 23:42 284744 ----a-w- c:\windows\system32\guard32.dll
2011-05-04 20:17 . 2011-01-06 15:36 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-05-04 20:17 . 2011-01-06 15:36 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-05-04 20:17 . 2011-01-06 15:36 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-04-22 19:36 . 2011-05-25 06:55 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-16 19:19 . 2011-04-16 19:19 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-09 06:13 . 2011-05-11 17:48 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 17:48 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-18 21:13 123904 ----a-w- c:\windows\system32\poqexec.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-11 2552648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2010-7-26 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-26 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-02 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-05-04 238960]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-05-04 37592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}\D49775C414E4: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\MissMys\AppData\Roaming\Mozilla\Firefox\Profiles\2cnw3fw9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: LogMeInClient@logmein.com - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Zoom Page: zoompage@DW-dev - %profile%\extensions\zoompage@DW-dev
FF - Ext: FxIF: {11483926-db67-4190-91b1-ef20fcec5f33} - %profile%\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.032"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.apd"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.arw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bay"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.cs1"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.djv"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.djvu"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.fff"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.fpx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.gif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.icn"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iff"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ilbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.int"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.inta"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iw4"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.j2c"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.j2k"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jbr"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jfif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jp2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpc"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpe"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpg"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jpk"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jpx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.kdc"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.lbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.mef"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.nrw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pbr"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pct"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.pgm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pic"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.pict"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pix"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.ppm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pspbrush"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ras"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgb"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgba"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rsb"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.rw2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.rwl"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.sgi"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.sr2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.thm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.wbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}\InProcServer32*]
"japkoliikiidoelbjlbj"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,
70,65,63,00,00
"iapkinomklkkhblnko"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,70,
65,63,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(580)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(2440)
c:\windows\system32\guard32.dll
c:\windows\system32\prnfldr.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\program files\Dell\QuickSet\quickset.exe
.
**************************************************************************
.
Celkový čas: 2011-06-24 18:55:08 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-24 16:55
ComboFix2.txt 2011-06-24 11:54
ComboFix3.txt 2011-06-24 09:19
ComboFix4.txt 2011-04-12 15:59
.
Před spuštěním: Volných bajtů: 323 666 006 016
Po spuštění: Volných bajtů: 323 610 419 200
.
- - End Of File - - 29C2662ECF35A24B3519A0BBF73C5B31


Re: Frozen notebook

Posted by methis » 24 Jun 2011 18:58

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:57:23, on 24.6.2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Users\MissMys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MissMys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\MissMys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MissMys\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 6141 bytes

