Preventive check, log please

Posted: 22 Sep 2011 00:10
by autoprd
Hi, this is just a preventive check to see whether the laptop can be cleaned up so it runs better :)))

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:07:22, on 22.9.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\Vojt\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Vojt\AppData\Roaming\FlashGetBHO\FlashGetBHO31.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-775366506-3250077059-3962142624-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-775366506-3250077059-3962142624-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'DefaultAppPool')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'DefaultAppPool')
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Licensing Console - - C:\Windows\system32\msvfd32.exe
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11051 bytes

Re: Preventive check, log please

Posted: 22 Sep 2011 09:46
by jaro3
Close all other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-775366506-3250077059-3962142624-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'DefaultAppPool')


Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, and so on.

Download StartupLite.exe by MalwareBytes to your desktop

This program identifies unnecessary items and offers the option to remove them in order to free up memory.
Double-click the StartupLite.exe (by MalwareBytes) icon to start the program. On Vista and Windows 7, run it as administrator (right-click the icon and choose Run as administrator). After launch, a list of unnecessary startup entries is created. Leave all items set to disabled and click Continue. Restart the PC.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in Safe Mode.

Re: Preventive check, log please

Posted: 22 Sep 2011 19:59
by autoprd
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verze databáze: 7772

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

22.9.2011 19:58:49
mbam-log-2011-09-22 (19-58-46).txt

Typ: Rychlá kontrola
Kontrolované objekty: 211181
Uplynulý čas: 5 minut, 5 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 1
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe (Security.Hijack) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: Preventive check, log please

Posted: 22 Sep 2011 20:20
by jaro3
So run MbAM again and click Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit

You can then paste the new MbAM log here.


Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After running ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Re: Preventive check, log please

Posted: 26 Sep 2011 20:03
by autoprd
ComboFix 11-09-26.01 - Vojt 26.09.2011 19:52:22.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.1958 [GMT 2:00]
Spuštěný z: c:\users\Vojt\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\html
c:\windows\SysWow64\html\calendar.html
c:\windows\SysWow64\html\calendarbottom.html
c:\windows\SysWow64\html\calendartop.html
c:\windows\SysWow64\html\crystalexportdialog.htm
c:\windows\SysWow64\html\crystalprinthost.html
c:\windows\SysWow64\images
c:\windows\SysWow64\images\toolbar\calendar.gif
c:\windows\SysWow64\images\toolbar\crlogo.gif
c:\windows\SysWow64\images\toolbar\export.gif
c:\windows\SysWow64\images\toolbar\export_over.gif
c:\windows\SysWow64\images\toolbar\exportd.gif
c:\windows\SysWow64\images\toolbar\First.gif
c:\windows\SysWow64\images\toolbar\first_over.gif
c:\windows\SysWow64\images\toolbar\Firstd.gif
c:\windows\SysWow64\images\toolbar\gotopage.gif
c:\windows\SysWow64\images\toolbar\gotopage_over.gif
c:\windows\SysWow64\images\toolbar\gotopaged.gif
c:\windows\SysWow64\images\toolbar\grouptree.gif
c:\windows\SysWow64\images\toolbar\grouptree_over.gif
c:\windows\SysWow64\images\toolbar\grouptreed.gif
c:\windows\SysWow64\images\toolbar\grouptreepressed.gif
c:\windows\SysWow64\images\toolbar\Last.gif
c:\windows\SysWow64\images\toolbar\last_over.gif
c:\windows\SysWow64\images\toolbar\Lastd.gif
c:\windows\SysWow64\images\toolbar\Next.gif
c:\windows\SysWow64\images\toolbar\next_over.gif
c:\windows\SysWow64\images\toolbar\Nextd.gif
c:\windows\SysWow64\images\toolbar\Prev.gif
c:\windows\SysWow64\images\toolbar\prev_over.gif
c:\windows\SysWow64\images\toolbar\Prevd.gif
c:\windows\SysWow64\images\toolbar\print.gif
c:\windows\SysWow64\images\toolbar\print_over.gif
c:\windows\SysWow64\images\toolbar\printd.gif
c:\windows\SysWow64\images\toolbar\Refresh.gif
c:\windows\SysWow64\images\toolbar\refresh_over.gif
c:\windows\SysWow64\images\toolbar\refreshd.gif
c:\windows\SysWow64\images\toolbar\Search.gif
c:\windows\SysWow64\images\toolbar\search_over.gif
c:\windows\SysWow64\images\toolbar\searchd.gif
c:\windows\SysWow64\images\toolbar\up.gif
c:\windows\SysWow64\images\toolbar\up_over.gif
c:\windows\SysWow64\images\toolbar\upd.gif
c:\windows\SysWow64\images\tree\begindots.gif
c:\windows\SysWow64\images\tree\beginminus.gif
c:\windows\SysWow64\images\tree\beginplus.gif
c:\windows\SysWow64\images\tree\blank.gif
c:\windows\SysWow64\images\tree\blankdots.gif
c:\windows\SysWow64\images\tree\dots.gif
c:\windows\SysWow64\images\tree\lastdots.gif
c:\windows\SysWow64\images\tree\lastminus.gif
c:\windows\SysWow64\images\tree\lastplus.gif
c:\windows\SysWow64\images\tree\Magnify.gif
c:\windows\SysWow64\images\tree\minus.gif
c:\windows\SysWow64\images\tree\minusbox.gif
c:\windows\SysWow64\images\tree\plus.gif
c:\windows\SysWow64\images\tree\plusbox.gif
c:\windows\SysWow64\images\tree\singleminus.gif
c:\windows\SysWow64\images\tree\singleplus.gif
c:\windows\SysWow64\msvfd32.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-26 do 2011-09-26 )))))))))))))))))))))))))))))))
.
.
2011-09-26 17:57 . 2011-09-26 17:57 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-09-26 17:57 . 2011-09-26 17:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-25 19:40 . 2011-09-25 19:40 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE136476-303E-41E9-B143-0756D9095D11}\offreg.dll
2011-09-25 19:40 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE136476-303E-41E9-B143-0756D9095D11}\mpengine.dll
2011-09-25 19:23 . 2011-09-25 19:23 -------- d-----w- c:\program files (x86)\GameVicio
2011-09-25 19:21 . 2011-09-25 19:21 -------- d-----w- c:\program files (x86)\CureROM
2011-09-25 18:36 . 2011-09-26 17:17 -------- d-----w- c:\users\Vojt\AppData\Local\CrashDumps
2011-09-25 13:37 . 2011-09-25 13:37 -------- d-----w- c:\users\Vojt\AppData\Local\AliensVsPredator
2011-09-25 13:34 . 2011-09-25 13:34 -------- d-----w- c:\users\Vojt\AppData\Local\Downloaded Installations
2011-09-25 13:19 . 2011-09-25 13:19 -------- d-----w- c:\users\Vojt\AppData\Roaming\IObit
2011-09-25 13:18 . 2011-09-25 13:18 -------- d-----w- c:\program files (x86)\IObit
2011-09-25 08:30 . 2011-09-25 08:30 -------- d-----w- c:\users\Vojt\AppData\Local\Apple
2011-09-24 21:08 . 2011-09-24 21:08 -------- d-----w- c:\users\Vojt\AppData\Roaming\Activision
2011-09-24 18:08 . 2011-09-24 18:08 -------- d-----w- c:\users\Vojt\AppData\Local\The Witcher 2
2011-09-24 17:00 . 2011-09-24 17:00 -------- d-----w- c:\programdata\Firefly Studios
2011-09-22 21:31 . 2011-09-24 11:36 -------- d-----w- c:\users\Vojt\AppData\Local\NFS Underground 2
2011-09-22 18:43 . 2011-09-22 19:05 281200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-09-22 18:43 . 2011-09-22 18:43 -------- d-----w- c:\users\Vojt\AppData\Local\PunkBuster
2011-09-22 16:45 . 2011-09-22 16:45 -------- d-----w- c:\users\Vojt\AppData\Local\GamersFirst LIVE!
2011-09-22 16:44 . 2011-09-22 21:57 -------- d-----w- c:\users\Vojt\AppData\Local\PMB Files
2011-09-22 16:44 . 2011-09-22 19:09 -------- d-----w- c:\programdata\PMB Files
2011-09-22 16:44 . 2011-09-22 16:44 -------- d-----w- c:\program files (x86)\Pando Networks
2011-09-22 16:44 . 2011-09-22 16:44 -------- d-----w- c:\program files (x86)\GamersFirst
2011-09-22 16:41 . 2011-09-22 16:41 -------- d-----w- c:\users\Vojt\AppData\Local\Apps
2011-09-21 22:23 . 2011-09-21 22:23 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-09-21 22:23 . 2010-08-18 15:10 809560 ----a-r- c:\windows\SysWow64\tmp8631.tmp
2011-09-21 21:46 . 2011-09-21 21:46 1 ----a-w- c:\windows\SysWow64\SI.bin
2011-09-21 21:45 . 2010-03-01 18:51 17686528 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2011-09-21 21:45 . 2010-08-18 15:10 809560 ----a-r- c:\windows\SysWow64\tmpCCB2.tmp
2011-09-21 18:11 . 2011-09-21 18:11 -------- d-----w- c:\windows\64F6748976BB4CDDA236F954BE774B35.TMP
2011-09-21 17:38 . 2011-09-21 17:38 -------- d-sh--w- c:\windows\ftpcache
2011-09-20 21:46 . 2011-09-20 21:46 -------- d-----w- c:\users\Vojt\AppData\Local\SKIDROW
2011-09-20 21:43 . 2011-09-22 19:05 281200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-09-20 21:43 . 2011-09-22 18:43 281200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-09-20 21:43 . 2011-09-22 18:40 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-09-20 21:43 . 2011-09-20 21:43 -------- d-----w- c:\users\Vojt\AppData\Roaming\PunkBuster
2011-09-20 21:43 . 2011-09-20 21:43 -------- d-----w- c:\program files (x86)\Ubisoft
2011-09-20 21:25 . 2011-09-20 21:25 -------- d-----w- c:\programdata\KONAMI
2011-09-20 20:28 . 2011-09-21 21:30 -------- d-----w- c:\users\Vojt\AppData\Roaming\BITS
2011-09-20 20:28 . 2011-09-20 20:28 -------- d-----w- c:\users\Vojt\AppData\Roaming\FlashGet
2011-09-20 20:28 . 2011-09-20 20:28 -------- d-----w- c:\program files (x86)\FlashGet Network
2011-09-17 08:16 . 2011-09-17 09:25 -------- d-----w- c:\users\Vojt\AppData\Roaming\HLSW
2011-09-17 08:16 . 2011-09-17 08:16 -------- d-s---w- c:\program files (x86)\HLSW
2011-09-16 21:44 . 2011-09-16 21:46 -------- d-----w- c:\program files (x86)\Pcsx2
2011-09-16 18:50 . 2011-09-16 18:50 -------- d-----w- c:\programdata\Data aplikací
2011-09-12 20:25 . 2011-09-12 20:25 -------- d-----w- c:\users\DefaultAppPool
2011-09-12 19:19 . 2011-09-12 19:19 -------- d-----w- c:\windows\SysWow64\BestPractices
2011-09-12 19:19 . 2011-09-12 19:19 -------- d-----w- c:\windows\system32\BestPractices
2011-09-12 19:19 . 2011-09-12 19:19 -------- d-----w- C:\inetpub
2011-09-11 20:35 . 2011-09-11 20:35 -------- d-----w- c:\users\Vojt\AppData\Local\LucasArts
2011-09-11 12:36 . 2011-09-11 12:36 -------- d-----w- c:\users\Vojt\AppData\Roaming\Leadertech
2011-09-11 11:52 . 2011-09-11 11:52 -------- d-----w- c:\windows\SysWow64\RTCOM
2011-09-11 11:52 . 2011-09-11 11:52 -------- d-----w- c:\program files\Realtek
2011-09-11 11:50 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-09-11 11:28 . 2011-09-11 11:28 -------- d-----w- c:\windows\6833245EDD86479A882A8360D62C8194.TMP
2011-09-09 21:43 . 2011-09-09 21:45 -------- d-----w- c:\program files (x86)\Valve
2011-09-09 21:43 . 2011-09-09 21:43 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-09-09 21:43 . 2011-09-09 21:43 184452 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-09-09 21:43 . 2003-09-03 00:28 724992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-09-09 21:43 . 2003-09-03 00:27 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-09-09 21:43 . 2003-09-03 00:26 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-09-09 21:43 . 2003-09-03 00:26 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-09-09 21:43 . 2003-09-03 00:25 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-09-07 17:57 . 2011-09-07 17:57 -------- d-----w- c:\programdata\EA Core
2011-09-06 18:20 . 2011-09-06 18:20 -------- d-----w- c:\programdata\Solidshield
2011-08-29 23:11 . 2011-09-01 11:29 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-08-29 23:11 . 2011-09-16 18:52 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011
2011-08-28 22:49 . 2011-08-28 22:49 -------- d-----w- c:\programdata\FLEXnet
2011-08-28 19:45 . 2011-08-28 19:45 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-08-28 12:16 . 2011-08-28 12:16 -------- d-----w- c:\windows\system32\SPReview
2011-08-28 12:15 . 2011-08-28 12:15 -------- d-----w- c:\windows\system32\EventProviders
2011-08-28 12:11 . 2010-11-20 13:27 2543616 ----a-w- c:\windows\system32\wpdshext.dll
2011-08-28 12:10 . 2010-11-20 13:27 611840 ----a-w- c:\windows\system32\wpd_ci.dll
2011-08-28 12:09 . 2010-11-20 13:27 435712 ----a-w- c:\windows\system32\PortableDeviceStatus.dll
2011-08-28 12:08 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2011-08-28 12:08 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2011-08-28 12:08 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2011-08-28 12:08 . 2010-11-20 12:17 209920 ----a-w- c:\windows\SysWow64\PkgMgr.exe
2011-08-28 12:08 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2011-08-28 12:08 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2011-08-28 12:08 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-08-28 12:08 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2011-08-28 12:08 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-08-28 12:07 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2011-08-28 12:07 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-08-28 12:07 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-08-28 12:07 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-08-28 12:07 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2011-08-28 12:07 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-08-28 12:07 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-08-28 12:07 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-08-28 12:07 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-08-27 19:51 . 2011-07-09 05:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-27 19:51 . 2011-07-09 04:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-21 22:23 . 2011-08-21 11:32 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2011-09-21 22:23 . 2011-08-21 11:32 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-09-21 22:23 . 2011-08-21 11:32 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2011-09-01 11:19 . 2011-08-21 20:57 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-09-01 11:19 . 2011-08-21 20:57 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-09-01 11:19 . 2011-08-21 20:58 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-09-01 11:18 . 2011-08-21 20:57 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-08-31 17:12 . 2011-04-19 19:48 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-08-31 15:00 . 2011-08-22 11:34 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-29 08:10 . 2011-08-29 08:10 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-08-29 08:10 . 2011-08-29 08:10 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-08-28 12:22 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-08-28 12:22 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-08-22 11:34 . 2011-08-22 11:34 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2011-08-22 11:34 . 2011-08-22 11:34 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2011-08-20 14:20 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-08-20 14:20 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-20 13:50 . 2011-08-20 13:50 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-08-20 00:18 . 2011-08-20 00:17 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-08-20 00:18 . 2011-08-20 00:17 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-08-19 23:07 . 2011-08-19 23:07 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-08-18 21:19 . 2011-08-18 21:19 9216 ----a-r- c:\users\Vojt\AppData\Roaming\Microsoft\Installer\{7426428E-71D4-452C-BA13-B14E5EB52859}\Icon7426428E16.exe
2011-08-18 20:56 . 2011-08-18 20:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-08-18 13:31 . 2011-08-18 13:31 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-15 11:13 . 2011-08-21 20:58 36160 ----a-w- c:\windows\system32\uxtCFB9.tmp
2011-08-14 23:00 . 2011-08-14 23:00 1285120 ----a-w- c:\windows\SysWow64\VSFilter.dll
2011-08-11 12:28 . 2011-08-22 21:12 167704 ----a-w- c:\windows\system32\igfxtray.exe
2011-08-11 12:28 . 2011-08-22 21:12 510232 ----a-w- c:\windows\system32\igfxsrvc.exe
2011-08-11 12:28 . 2011-08-22 21:12 416024 ----a-w- c:\windows\system32\igfxpers.exe
2011-08-11 12:28 . 2011-08-22 21:12 239896 ----a-w- c:\windows\system32\igfxext.exe
2011-08-11 12:28 . 2011-08-22 21:12 392472 ----a-w- c:\windows\system32\hkcmd.exe
2011-08-11 12:28 . 2011-08-22 21:12 4378392 ----a-w- c:\windows\system32\GfxUI.exe
2011-08-11 12:28 . 2011-08-22 21:12 179992 ----a-w- c:\windows\system32\difx64.exe
2011-08-09 06:40 . 2011-08-22 21:12 90112 ----a-w- c:\windows\system32\igfxCoIn_v2476.dll
2011-08-09 06:32 . 2011-08-22 21:12 12289472 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2011-08-09 06:32 . 2011-08-22 21:12 8311808 ----a-w- c:\windows\system32\igdumd64.dll
2011-08-09 06:30 . 2011-08-22 21:12 128204 ----a-w- c:\windows\system32\igcompkrng575.bin
2011-08-09 06:30 . 2011-08-22 21:12 867020 ----a-w- c:\windows\system32\igkrng575.bin
2011-08-09 06:30 . 2011-08-22 21:12 105608 ----a-w- c:\windows\system32\igfcg575m.bin
2011-08-09 06:25 . 2011-02-17 07:28 6322688 ----a-w- c:\windows\SysWow64\igdumd32.dll
2011-08-09 06:21 . 2011-02-17 07:28 581120 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2011-08-09 06:17 . 2011-02-17 07:28 14598144 ----a-w- c:\windows\system32\igd10umd64.dll
2011-08-09 06:11 . 2011-02-11 17:04 12339712 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2011-08-09 06:04 . 2011-08-22 21:12 18640384 ----a-w- c:\windows\system32\ig4icd64.dll
2011-08-09 05:58 . 2011-08-22 21:12 13903872 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2011-08-09 05:54 . 2011-08-22 21:12 286720 ----a-w- c:\windows\system32\igfxrsky.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286720 ----a-w- c:\windows\system32\igfxrrom.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286720 ----a-w- c:\windows\system32\igfxrhrv.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286208 ----a-w- c:\windows\system32\igfxrtrk.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286208 ----a-w- c:\windows\system32\igfxrslv.lrc
2011-08-09 05:54 . 2011-08-22 21:12 285696 ----a-w- c:\windows\system32\igfxrtha.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286208 ----a-w- c:\windows\system32\igfxrsve.lrc
2011-08-09 05:54 . 2011-08-22 21:12 287232 ----a-w- c:\windows\system32\igfxresn.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286720 ----a-w- c:\windows\system32\igfxrrus.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286720 ----a-w- c:\windows\system32\igfxrptg.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286208 ----a-w- c:\windows\system32\igfxrptb.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286720 ----a-w- c:\windows\system32\igfxrplk.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286208 ----a-w- c:\windows\system32\igfxrnor.lrc
2011-08-09 05:54 . 2011-08-22 21:12 283136 ----a-w- c:\windows\system32\igfxrkor.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286720 ----a-w- c:\windows\system32\igfxrita.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286208 ----a-w- c:\windows\system32\igfxrhun.lrc
2011-08-09 05:54 . 2011-08-22 21:12 285184 ----a-w- c:\windows\system32\igfxrheb.lrc
2011-08-09 05:54 . 2011-08-22 21:12 283648 ----a-w- c:\windows\system32\igfxrjpn.lrc
2011-08-09 05:54 . 2011-08-22 21:12 287232 ----a-w- c:\windows\system32\igfxrfra.lrc
2011-08-09 05:54 . 2011-08-22 21:12 287232 ----a-w- c:\windows\system32\igfxrell.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286720 ----a-w- c:\windows\system32\igfxrdeu.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286720 ----a-w- c:\windows\system32\igfxrnld.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286208 ----a-w- c:\windows\system32\igfxrfin.lrc
2011-08-09 05:54 . 2011-08-22 21:12 285696 ----a-w- c:\windows\system32\igfxrdan.lrc
2011-08-09 05:54 . 2011-08-22 21:12 286720 ----a-w- c:\windows\system32\igfxrcsy.lrc
2011-08-09 05:54 . 2011-08-22 21:12 282624 ----a-w- c:\windows\system32\igfxrcht.lrc
2011-08-09 05:54 . 2011-08-22 21:12 282624 ----a-w- c:\windows\system32\igfxrchs.lrc
2011-08-09 05:54 . 2011-08-22 21:12 285184 ----a-w- c:\windows\system32\igfxrara.lrc
2011-08-09 05:54 . 2011-08-22 21:12 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2011-08-09 05:53 . 2011-08-22 21:12 375808 ----a-w- c:\windows\system32\igfxpph.dll
2011-08-09 05:53 . 2011-08-22 21:12 378368 ----a-w- c:\windows\system32\igfxTMM.dll
2011-08-09 05:53 . 2011-02-17 07:28 28672 ----a-w- c:\windows\system32\igfxexps.dll
2011-08-09 05:53 . 2011-02-17 07:28 62464 ----a-w- c:\windows\system32\igfxsrvc.dll
2011-08-09 05:52 . 2011-02-17 07:28 110080 ----a-w- c:\windows\system32\hccutils.dll
2011-08-09 05:52 . 2011-08-22 21:12 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2011-08-09 05:52 . 2011-08-22 21:12 146432 ----a-w- c:\windows\system32\gfxSrvc.dll
2011-08-09 05:52 . 2011-02-17 07:28 390144 ----a-w- c:\windows\system32\igfxdev.dll
2011-08-09 05:52 . 2011-08-22 21:12 285696 ----a-w- c:\windows\system32\igfxrenu.lrc
2011-08-09 05:52 . 2011-08-22 21:12 142336 ----a-w- c:\windows\system32\igfxdo.dll
2011-08-09 05:52 . 2011-02-17 07:28 9014784 ----a-w- c:\windows\system32\igfxress.dll
2011-08-09 05:47 . 2011-08-22 21:12 24576 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2011-08-09 05:47 . 2011-08-22 21:12 294400 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2011-08-09 05:44 . 2011-08-22 21:12 98304 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2011-08-09 05:44 . 2011-08-22 21:12 98304 ----a-w- c:\windows\system32\iglhcp64.dll
2011-08-09 05:44 . 2011-08-22 21:12 376832 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2011-08-09 05:44 . 2011-08-22 21:12 376832 ----a-w- c:\windows\system32\iglhsip64.dll
2011-08-09 05:44 . 2011-08-22 21:12 162816 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2011-08-09 05:44 . 2011-08-22 21:12 140288 ----a-w- c:\windows\system32\igfxcmrt64.dll
2011-08-09 05:44 . 2011-08-22 21:12 94208 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2011-08-03 11:50 . 2011-08-18 23:50 980072 ----a-w- c:\windows\system32\nvvsvc.exe
2011-08-03 11:50 . 2011-08-18 23:50 836200 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-08-03 11:50 . 2011-08-18 23:50 816232 ----a-w- c:\windows\system32\nv3dappshext.dll
2011-08-03 11:50 . 2011-08-18 23:50 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-08-03 11:50 . 2011-08-18 23:50 6136936 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:50 . 2011-08-18 23:50 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-08-21 639864]
"Advanced SystemCare 4"="c:\program files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 412560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2011-01-06 1657080]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamersFirst LIVE!.lnk - c:\program files (x86)\GamersFirst\LIVE!\Live.exe [2011-8-16 2589808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\system32\msvfd32.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18 136176]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18 136176]
R3 injectDLL;injectDLL;d:\games\Metin2\injectDLL.sys [2011-04-02 28944]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-07-29 52896]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2011-01-05 867712]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-28 255744]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-09-01 2027840]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-02-10 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18 21:10]
.
2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18 21:10]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-07-29 594080]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-07-29 377504]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-01-05 860040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-11 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-11 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-11 416024]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Download all by FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: Stahnou vse FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Stahnout FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?? - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 82.100.3.1 62.240.162.158
FF - ProfilePath - c:\users\Vojt\AppData\Roaming\Mozilla\Firefox\Profiles\bgll5xgn.default\
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Mijagi-MJ3 - d:\games\Mijagi-MJ3\Uninstal.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-775366506-3250077059-3962142624-1002\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3* N}Ź]
@="c:\\Users\\Vojt\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-775366506-3250077059-3962142624-1002\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3* N}ŹhQčţ”Ąc]
@="c:\\Users\\Vojt\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-09-26 20:01:27
ComboFix-quarantined-files.txt 2011-09-26 18:01
.
Před spuštěním: Volných bajtů: 40 267 771 904
Po spuštění: Volných bajtů: 40 135 278 592
.
- - End Of File - - 19110321D20838413FD94363F74CCB2F

Re: Preventive check, log please

Posted: 26 Sep 2011 22:05
by memphisto
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

KillAll::
Folder::
c:\windows\64F6748976BB4CDDA236F954BE774B35.TMP
c:\users\Vojt\AppData\Local\SKIDROW
c:\windows\6833245EDD86479A882A8360D62C8194.TMP

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=-
"ConsentPromptBehaviorUser"=-
"EnableUIADesktopToggle"=-

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

DDS::
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process

Test these on VirusTotal:
c:\windows\system32\uxtCFB9.tmp
c:\windows\SysWow64\tmpCCB2.tmp

Click Select to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, "result" appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to that page with the mouse and paste it into your post.

Re: Preventive check, log please

Posted: 28 Sep 2011 19:25
by autoprd
ComboFix 11-09-26.01 - Vojt 28.09.2011 10:11:43.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.1955 [GMT 2:00]
Spuštěný z: c:\users\Vojt\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Vojt\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Vojt\AppData\Local\SKIDROW
c:\users\Vojt\AppData\Local\SKIDROW\SAVES\55140\savegame.bxml
c:\windows\64F6748976BB4CDDA236F954BE774B35.TMP
c:\windows\64F6748976BB4CDDA236F954BE774B35.TMP\WiseCustomCalla.dll
c:\windows\6833245EDD86479A882A8360D62C8194.TMP
c:\windows\6833245EDD86479A882A8360D62C8194.TMP\WiseCustomCalla.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-28 do 2011-09-28 )))))))))))))))))))))))))))))))
.
.
2011-09-28 08:17 . 2011-09-28 08:17 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-09-28 08:17 . 2011-09-28 08:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-28 08:10 . 2011-09-28 08:10 -------- d-----w- c:\users\Vojt\AppData\Roaming\SPORE
2011-09-27 20:39 . 2011-09-27 20:42 -------- d-----w- c:\users\Vojt\dwhelper
2011-09-25 19:40 . 2011-09-25 19:40 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE136476-303E-41E9-B143-0756D9095D11}\offreg.dll
2011-09-25 19:40 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE136476-303E-41E9-B143-0756D9095D11}\mpengine.dll
2011-09-25 19:23 . 2011-09-25 19:23 -------- d-----w- c:\program files (x86)\GameVicio
2011-09-25 19:21 . 2011-09-25 19:21 -------- d-----w- c:\program files (x86)\CureROM
2011-09-25 18:36 . 2011-09-26 21:30 -------- d-----w- c:\users\Vojt\AppData\Local\CrashDumps
2011-09-25 13:37 . 2011-09-25 13:37 -------- d-----w- c:\users\Vojt\AppData\Local\AliensVsPredator
2011-09-25 13:34 . 2011-09-25 13:34 -------- d-----w- c:\users\Vojt\AppData\Local\Downloaded Installations
2011-09-25 13:19 . 2011-09-25 13:19 -------- d-----w- c:\users\Vojt\AppData\Roaming\IObit
2011-09-25 13:18 . 2011-09-25 13:18 -------- d-----w- c:\program files (x86)\IObit
2011-09-25 08:30 . 2011-09-25 08:30 -------- d-----w- c:\users\Vojt\AppData\Local\Apple
2011-09-24 21:08 . 2011-09-24 21:08 -------- d-----w- c:\users\Vojt\AppData\Roaming\Activision
2011-09-24 18:08 . 2011-09-24 18:08 -------- d-----w- c:\users\Vojt\AppData\Local\The Witcher 2
2011-09-24 17:00 . 2011-09-24 17:00 -------- d-----w- c:\programdata\Firefly Studios
2011-09-22 21:31 . 2011-09-24 11:36 -------- d-----w- c:\users\Vojt\AppData\Local\NFS Underground 2
2011-09-22 18:43 . 2011-09-22 19:05 281200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-09-22 18:43 . 2011-09-22 18:43 -------- d-----w- c:\users\Vojt\AppData\Local\PunkBuster
2011-09-22 16:45 . 2011-09-22 16:45 -------- d-----w- c:\users\Vojt\AppData\Local\GamersFirst LIVE!
2011-09-22 16:44 . 2011-09-22 21:57 -------- d-----w- c:\users\Vojt\AppData\Local\PMB Files
2011-09-22 16:44 . 2011-09-22 19:09 -------- d-----w- c:\programdata\PMB Files
2011-09-22 16:44 . 2011-09-22 16:44 -------- d-----w- c:\program files (x86)\Pando Networks
2011-09-22 16:44 . 2011-09-22 16:44 -------- d-----w- c:\program files (x86)\GamersFirst
2011-09-22 16:41 . 2011-09-22 16:41 -------- d-----w- c:\users\Vojt\AppData\Local\Apps
2011-09-21 22:23 . 2011-09-21 22:23 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-09-21 22:23 . 2010-08-18 15:10 809560 ----a-r- c:\windows\SysWow64\tmp8631.tmp
2011-09-21 21:46 . 2011-09-21 21:46 1 ----a-w- c:\windows\SysWow64\SI.bin
2011-09-21 21:45 . 2010-03-01 18:51 17686528 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2011-09-21 21:45 . 2010-08-18 15:10 809560 ----a-r- c:\windows\SysWow64\tmpCCB2.tmp
2011-09-21 17:38 . 2011-09-21 17:38 -------- d-sh--w- c:\windows\ftpcache
2011-09-20 21:43 . 2011-09-22 19:05 281200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-09-20 21:43 . 2011-09-22 18:43 281200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-09-20 21:43 . 2011-09-22 18:40 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-09-20 21:43 . 2011-09-20 21:43 -------- d-----w- c:\users\Vojt\AppData\Roaming\PunkBuster
2011-09-20 21:43 . 2011-09-20 21:43 -------- d-----w- c:\program files (x86)\Ubisoft
2011-09-20 21:25 . 2011-09-20 21:25 -------- d-----w- c:\programdata\KONAMI
2011-09-20 20:28 . 2011-09-21 21:30 -------- d-----w- c:\users\Vojt\AppData\Roaming\BITS
2011-09-20 20:28 . 2011-09-20 20:28 -------- d-----w- c:\users\Vojt\AppData\Roaming\FlashGet
2011-09-20 20:28 . 2011-09-20 20:28 -------- d-----w- c:\program files (x86)\FlashGet Network
2011-09-17 08:16 . 2011-09-17 09:25 -------- d-----w- c:\users\Vojt\AppData\Roaming\HLSW
2011-09-17 08:16 . 2011-09-17 08:16 -------- d-s---w- c:\program files (x86)\HLSW
2011-09-16 21:44 . 2011-09-16 21:46 -------- d-----w- c:\program files (x86)\Pcsx2
2011-09-16 18:50 . 2011-09-16 18:50 -------- d-----w- c:\programdata\Data aplikací
2011-09-12 20:25 . 2011-09-27 21:56 -------- d-----w- c:\users\DefaultAppPool
2011-09-12 19:19 . 2011-09-12 19:19 -------- d-----w- c:\windows\SysWow64\BestPractices
2011-09-12 19:19 . 2011-09-12 19:19 -------- d-----w- c:\windows\system32\BestPractices
2011-09-12 19:19 . 2011-09-12 19:19 -------- d-----w- C:\inetpub
2011-09-11 20:35 . 2011-09-11 20:35 -------- d-----w- c:\users\Vojt\AppData\Local\LucasArts
2011-09-11 12:36 . 2011-09-11 12:36 -------- d-----w- c:\users\Vojt\AppData\Roaming\Leadertech
2011-09-11 11:52 . 2011-09-11 11:52 -------- d-----w- c:\windows\SysWow64\RTCOM
2011-09-11 11:52 . 2011-09-11 11:52 -------- d-----w- c:\program files\Realtek
2011-09-11 11:50 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-09-09 21:43 . 2011-09-09 21:45 -------- d-----w- c:\program files (x86)\Valve
2011-09-09 21:43 . 2011-09-09 21:43 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-09-09 21:43 . 2011-09-09 21:43 184452 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-09-09 21:43 . 2003-09-03 00:28 724992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-09-09 21:43 . 2003-09-03 00:27 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-09-09 21:43 . 2003-09-03 00:26 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-09-09 21:43 . 2003-09-03 00:26 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-09-09 21:43 . 2003-09-03 00:25 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-09-07 17:57 . 2011-09-07 17:57 -------- d-----w- c:\programdata\EA Core
2011-09-06 18:20 . 2011-09-06 18:20 -------- d-----w- c:\programdata\Solidshield
2011-08-31 11:08 . 2011-08-31 11:08 167704 ----a-w- c:\windows\system32\igfxtray.exe
2011-08-31 11:08 . 2011-08-31 11:08 510232 ----a-w- c:\windows\system32\igfxsrvc.exe
2011-08-31 11:08 . 2011-08-31 11:08 416024 ----a-w- c:\windows\system32\igfxpers.exe
2011-08-31 11:08 . 2011-08-31 11:08 239896 ----a-w- c:\windows\system32\igfxext.exe
2011-08-31 11:08 . 2011-08-31 11:08 392472 ----a-w- c:\windows\system32\hkcmd.exe
2011-08-31 11:08 . 2011-08-31 11:08 4378392 ----a-w- c:\windows\system32\GfxUI.exe
2011-08-31 11:08 . 2011-08-31 11:08 179992 ----a-w- c:\windows\system32\difx64.exe
2011-08-31 10:58 . 2011-08-31 10:58 90112 ----a-w- c:\windows\system32\igfxCoIn_v2509.dll
2011-08-31 10:53 . 2011-08-31 10:53 12306848 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2011-08-31 10:53 . 2011-08-31 10:53 8312320 ----a-w- c:\windows\system32\igdumd64.dll
2011-08-31 10:47 . 2011-08-31 10:47 6322688 ----a-w- c:\windows\SysWow64\igdumd32.dll
2011-08-31 10:45 . 2011-08-31 10:45 581120 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2011-08-31 10:37 . 2011-08-31 10:37 12340224 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2011-08-31 10:31 . 2011-08-31 10:31 18641408 ----a-w- c:\windows\system32\ig4icd64.dll
2011-08-31 10:26 . 2011-08-31 10:26 13903872 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2011-08-31 10:21 . 2011-08-31 10:21 378368 ----a-w- c:\windows\system32\igfxTMM.dll
2011-08-31 10:20 . 2011-08-31 10:20 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2011-08-31 10:20 . 2011-08-31 10:20 146432 ----a-w- c:\windows\system32\gfxSrvc.dll
2011-08-31 10:20 . 2011-08-31 10:20 285696 ----a-w- c:\windows\system32\igfxrenu.lrc
2011-08-31 10:20 . 2011-08-31 10:20 142336 ----a-w- c:\windows\system32\igfxdo.dll
2011-08-31 10:16 . 2011-08-31 10:16 24576 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2011-08-31 10:15 . 2011-08-31 10:15 294400 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2011-08-29 23:11 . 2011-09-01 11:29 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-08-29 23:11 . 2011-09-16 18:52 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-21 22:23 . 2011-08-21 11:32 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2011-09-21 22:23 . 2011-08-21 11:32 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-09-21 22:23 . 2011-08-21 11:32 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2011-09-01 11:19 . 2011-08-21 20:57 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-09-01 11:19 . 2011-08-21 20:57 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-09-01 11:19 . 2011-08-21 20:58 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-09-01 11:18 . 2011-08-21 20:57 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-08-31 17:12 . 2011-04-19 19:48 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-08-31 15:00 . 2011-08-22 11:34 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 10:42 . 2011-02-17 07:28 14598656 ----a-w- c:\windows\system32\igd10umd64.dll
2011-08-31 10:22 . 2011-08-31 10:22 282624 ----a-w- c:\windows\system32\igfxrcht.lrc
2011-08-31 10:22 . 2011-08-31 10:22 282624 ----a-w- c:\windows\system32\igfxrchs.lrc
2011-08-31 10:21 . 2011-08-22 21:12 375808 ----a-w- c:\windows\system32\igfxpph.dll
2011-08-31 10:21 . 2011-02-17 07:28 28672 ----a-w- c:\windows\system32\igfxexps.dll
2011-08-31 10:21 . 2011-02-17 07:28 62464 ----a-w- c:\windows\system32\igfxsrvc.dll
2011-08-31 10:20 . 2011-02-17 07:28 110080 ----a-w- c:\windows\system32\hccutils.dll
2011-08-31 10:20 . 2011-02-17 07:28 390144 ----a-w- c:\windows\system32\igfxdev.dll
2011-08-31 10:20 . 2011-02-17 07:28 9014784 ----a-w- c:\windows\system32\igfxress.dll
2011-08-29 08:10 . 2011-08-29 08:10 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-08-29 08:10 . 2011-08-29 08:10 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-08-29 08:10 . 2011-08-29 08:10 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-08-29 08:10 . 2011-08-29 08:10 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-08-29 08:10 . 2011-08-29 08:10 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-08-29 08:10 . 2011-08-29 08:10 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-08-29 08:10 . 2011-08-29 08:10 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-08-29 08:10 . 2011-08-29 08:10 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-08-29 08:10 . 2011-08-29 08:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-08-29 08:10 . 2011-08-29 08:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-08-29 08:10 . 2011-08-29 08:10 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-08-29 08:10 . 2011-08-29 08:10 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-08-29 08:10 . 2011-08-29 08:10 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-08-29 08:10 . 2011-08-29 08:10 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-08-29 08:10 . 2011-08-29 08:10 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-08-29 08:10 . 2011-08-29 08:10 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-08-29 08:10 . 2011-08-29 08:10 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-08-29 08:10 . 2011-08-29 08:10 222208 ----a-w- c:\windows\system32\msls31.dll
2011-08-29 08:10 . 2011-08-29 08:10 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-08-29 08:10 . 2011-08-29 08:10 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-08-29 08:10 . 2011-08-29 08:10 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-08-29 08:10 . 2011-08-29 08:10 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-08-29 08:10 . 2011-08-29 08:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-08-29 08:10 . 2011-08-29 08:10 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-08-29 08:10 . 2011-08-29 08:10 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-08-29 08:10 . 2011-08-29 08:10 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-08-29 08:10 . 2011-08-29 08:10 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-08-29 08:10 . 2011-08-29 08:10 12288 ----a-w- c:\windows\system32\mshta.exe
2011-08-29 08:10 . 2011-08-29 08:10 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-08-29 08:10 . 2011-08-29 08:10 114176 ----a-w- c:\windows\system32\admparse.dll
2011-08-29 08:10 . 2011-08-29 08:10 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-08-29 08:10 . 2011-08-29 08:10 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-08-29 08:10 . 2011-08-29 08:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-08-29 08:10 . 2011-08-29 08:10 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-08-29 08:10 . 2011-08-29 08:10 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-08-29 08:10 . 2011-08-29 08:10 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-08-29 08:10 . 2011-08-29 08:10 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-08-29 08:10 . 2011-08-29 08:10 448512 ----a-w- c:\windows\system32\html.iec
2011-08-29 08:10 . 2011-08-29 08:10 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-29 08:10 . 2011-08-29 08:10 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-08-29 08:10 . 2011-08-29 08:10 160256 ----a-w- c:\windows\system32\wextract.exe
2011-08-29 08:10 . 2011-08-29 08:10 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-28 12:22 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-08-28 12:22 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-08-22 11:34 . 2011-08-22 11:34 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2011-08-22 11:34 . 2011-08-22 11:34 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2011-08-20 14:20 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-08-20 14:20 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-20 13:50 . 2011-08-20 13:50 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-08-20 00:18 . 2011-08-20 00:17 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-08-20 00:18 . 2011-08-20 00:17 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-08-19 23:07 . 2011-08-19 23:07 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-08-18 21:19 . 2011-08-18 21:19 9216 ----a-r- c:\users\Vojt\AppData\Roaming\Microsoft\Installer\{7426428E-71D4-452C-BA13-B14E5EB52859}\Icon7426428E16.exe
2011-08-18 20:56 . 2011-08-18 20:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-08-18 13:31 . 2011-08-18 13:31 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-15 11:13 . 2011-08-21 20:58 36160 ----a-w- c:\windows\system32\uxtCFB9.tmp
2011-08-14 23:00 . 2011-08-14 23:00 1285120 ----a-w- c:\windows\SysWow64\VSFilter.dll
2011-08-09 06:40 . 2011-08-22 21:12 90112 ----a-w- c:\windows\system32\igfxCoIn_v2476.dll
2011-08-09 06:30 . 2011-08-22 21:12 128204 ----a-w- c:\windows\system32\igcompkrng575.bin
2011-08-09 06:30 . 2011-08-22 21:12 867020 ----a-w- c:\windows\system32\igkrng575.bin
2011-08-09 06:30 . 2011-08-22 21:12 105608 ----a-w- c:\windows\system32\igfcg575m.bin
2011-08-09 05:44 . 2011-08-22 21:12 98304 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2011-08-09 05:44 . 2011-08-22 21:12 98304 ----a-w- c:\windows\system32\iglhcp64.dll
2011-08-09 05:44 . 2011-08-22 21:12 376832 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2011-08-09 05:44 . 2011-08-22 21:12 376832 ----a-w- c:\windows\system32\iglhsip64.dll
2011-08-09 05:44 . 2011-08-22 21:12 162816 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2011-08-09 05:44 . 2011-08-22 21:12 140288 ----a-w- c:\windows\system32\igfxcmrt64.dll
2011-08-09 05:44 . 2011-08-22 21:12 94208 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2011-08-03 11:50 . 2011-08-18 23:50 980072 ----a-w- c:\windows\system32\nvvsvc.exe
2011-08-03 11:50 . 2011-08-18 23:50 836200 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-08-03 11:50 . 2011-08-18 23:50 816232 ----a-w- c:\windows\system32\nv3dappshext.dll
2011-08-03 11:50 . 2011-08-18 23:50 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-08-03 11:50 . 2011-08-18 23:50 6136936 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:50 . 2011-08-18 23:50 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll
2011-08-03 11:50 . 2011-08-18 23:50 335976 ----a-w- c:\windows\system32\nvhotkey.dll
2011-08-03 11:50 . 2011-08-18 23:50 3021416 ----a-w- c:\windows\system32\nvsvc64.dll
2011-08-03 11:50 . 2011-08-18 23:50 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-08-03 11:50 . 2011-08-18 23:50 1816324 ----a-w- c:\windows\system32\nvcoproc.bin
2011-08-03 11:50 . 2011-08-18 23:50 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-08-03 11:50 . 2011-08-18 23:46 846952 ----a-w- c:\windows\system32\nvumdshimx.dll
2011-08-03 11:50 . 2011-08-18 23:46 8355944 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-08-03 11:50 . 2011-08-18 23:46 7254632 ----a-w- c:\windows\system32\nvcuda.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-26_17.57.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-02-17 08:14 . 2009-11-18 08:03 53248 c:\windows\SysWOW64\CSVer.dll
+ 2011-02-17 08:14 . 2011-06-22 13:23 53248 c:\windows\SysWOW64\CSVer.dll
- 2009-07-14 04:54 . 2011-09-25 20:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-09-27 20:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-09-27 20:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-09-25 20:02 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-27 20:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-09-25 20:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 05:30 . 2011-09-11 11:52 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-09-27 21:53 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-08-31 10:58 . 2011-08-31 10:58 90112 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igxpco64.dll
+ 2011-08-31 10:13 . 2011-08-31 10:13 98304 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\iglhcp64.dll
+ 2011-08-31 10:13 . 2011-08-31 10:13 98304 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\iglhcp32.dll
+ 2011-08-31 10:21 . 2011-08-31 10:21 62464 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxsrvc.dll
+ 2011-08-31 10:16 . 2011-08-31 10:16 24576 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxexps32.dll
+ 2011-08-31 10:21 . 2011-08-31 10:21 28672 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxexps.dll
+ 2011-08-31 10:51 . 2011-08-31 10:51 75776 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igdde64.dll
+ 2011-08-31 10:46 . 2011-08-31 10:46 56832 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igdde32.dll
+ 2011-08-31 10:13 . 2011-08-31 10:13 94208 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\IccLibDll_x64.dll
- 2011-04-19 20:13 . 2011-09-25 19:20 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-04-19 20:13 . 2011-09-28 00:00 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-04-19 20:13 . 2011-09-25 19:20 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-04-19 20:13 . 2011-09-28 00:00 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-28 00:00 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-09-25 19:20 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-31 10:20 . 2011-08-31 10:20 4096 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\IGFXDEVLib.dll
- 2011-09-23 05:59 . 2011-09-23 20:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-09-28 08:23 . 2011-09-28 08:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-09-28 08:23 . 2011-09-28 08:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-09-23 05:59 . 2011-09-23 20:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-18 19:23 . 2011-09-27 20:05 284704 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 04:45 . 2011-09-28 08:23 275072 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 05:30 . 2011-09-11 11:52 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-09-27 21:53 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-09-27 21:52 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-09-11 11:52 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-08-31 10:13 . 2011-08-31 10:13 376832 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\iglhsip64.dll
+ 2011-08-31 10:13 . 2011-08-31 10:13 376832 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\iglhsip32.dll
+ 2011-08-31 10:51 . 2011-08-31 10:51 963116 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igkrng600.bin
+ 2011-08-31 10:51 . 2011-08-31 10:51 867020 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igkrng575.bin
+ 2011-08-31 11:08 . 2011-08-31 11:08 167704 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxtray.exe
+ 2011-08-31 10:21 . 2011-08-31 10:21 378368 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxTMM.dll
+ 2011-08-31 11:08 . 2011-08-31 11:08 510232 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxsrvc.exe
+ 2011-08-31 10:21 . 2011-08-31 10:21 375808 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxpph.dll
+ 2011-08-31 11:08 . 2011-08-31 11:08 416024 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxpers.exe
+ 2011-08-31 11:08 . 2011-08-31 11:08 239896 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxext.exe
+ 2011-08-31 10:15 . 2011-08-31 10:15 294400 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxdv32.dll
+ 2011-08-31 10:20 . 2011-08-31 10:20 142336 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxdo.dll
+ 2011-08-31 10:20 . 2011-08-31 10:20 390144 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxdev.dll
+ 2011-08-31 10:13 . 2011-08-31 10:13 140288 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxcmrt64.dll
+ 2011-08-31 10:13 . 2011-08-31 10:13 162816 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxcmrt32.dll
+ 2011-08-31 10:51 . 2011-08-31 10:51 216000 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfcg600m.bin
+ 2011-08-31 10:51 . 2011-08-31 10:51 105608 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfcg575m.bin
+ 2011-08-31 10:45 . 2011-08-31 10:45 581120 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igdumdx32.dll
+ 2011-08-31 10:51 . 2011-08-31 10:51 145804 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igcompkrng600.bin
+ 2011-08-31 10:51 . 2011-08-31 10:51 128204 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igcompkrng575.bin
+ 2011-08-31 11:08 . 2011-08-31 11:08 392472 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\hkcmd.exe
+ 2011-08-31 10:20 . 2011-08-31 10:20 110080 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\hccutils.dll
+ 2011-08-31 10:20 . 2011-08-31 10:20 146432 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\gfxSrvc.dll
+ 2011-08-31 11:08 . 2011-08-31 11:08 179992 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\difx64.exe
+ 2009-07-14 05:01 . 2011-09-28 08:17 241108 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-09-27 21:47 . 2011-09-27 21:47 478432 c:\windows\Installer\{6033673D-2530-4587-8AD0-EB059FC263F9}\Crysis2Launcher.exe
+ 2011-08-31 10:20 . 2011-08-31 10:20 9014784 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igfxress.dll
+ 2011-08-31 10:53 . 2011-08-31 10:53 8312320 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igdumd64.dll
+ 2011-08-31 10:47 . 2011-08-31 10:47 6322688 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igdumd32.dll
+ 2011-08-31 11:08 . 2011-08-31 11:08 4378392 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\GfxUI.exe
+ 2011-08-18 20:04 . 2011-09-28 08:17 6981862 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-775366506-3250077059-3962142624-1002-8192.dat
+ 2011-08-18 23:47 . 2011-09-28 08:17 2181500 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-775366506-3250077059-3962142624-1002-12288.dat
+ 2011-02-28 16:58 . 2011-02-28 16:58 3582976 c:\windows\Installer\14f2731d.msi
+ 2011-08-31 10:53 . 2011-08-31 10:53 12306848 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igdkmd64.sys
+ 2011-08-31 10:42 . 2011-08-31 10:42 14598656 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igd10umd64.dll
+ 2011-08-31 10:37 . 2011-08-31 10:37 12340224 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\igd10umd32.dll
+ 2011-08-31 10:31 . 2011-08-31 10:31 18641408 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\ig4icd64.dll
+ 2011-08-31 10:26 . 2011-08-31 10:26 13903872 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_7067dde171ce9c67\ig4icd32.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-08-21 639864]
"Advanced SystemCare 4"="c:\program files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 412560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2011-01-06 1657080]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamersFirst LIVE!.lnk - c:\program files (x86)\GamersFirst\LIVE!\Live.exe [2011-8-16 2589808]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\system32\msvfd32.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18 136176]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18 136176]
R3 injectDLL;injectDLL;d:\games\Metin2\injectDLL.sys [2011-04-02 28944]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-07-29 52896]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2011-01-05 867712]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-28 255744]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-09-01 2027840]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-02-10 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-07-29 594080]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-07-29 377504]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-01-05 860040]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: Download all by FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: Stahnou vse FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Stahnout FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?? - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 82.100.3.1 62.240.162.158
FF - ProfilePath - c:\users\Vojt\AppData\Roaming\Mozilla\Firefox\Profiles\bgll5xgn.default\
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-775366506-3250077059-3962142624-1002\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3* N}Ź]
@="c:\\Users\\Vojt\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-775366506-3250077059-3962142624-1002\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3* N}ŹhQčţ”Ąc]
@="c:\\Users\\Vojt\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
.
**************************************************************************
.
Celkový čas: 2011-09-28 10:28:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-28 08:28
ComboFix2.txt 2011-09-26 18:01
.
Před spuštěním: Volných bajtů: 38 245 392 384
Po spuštění: Volných bajtů: 38 150 549 504
.
- - End Of File - - 3240F515C030F547368478B0BADD06C8

Re: Preventive check, log pls

Posted: 28 Sep 2011 19:31
by autoprd
and that VirusTotal came back clean :)

Re: Preventive check, log pls

Posted: 28 Sep 2011 20:42
by jaro3
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

KillAll::
File::
c:\windows\SysWow64\tmp8631.tmp
c:\windows\SysWow64\tmpCCB2.tmp
c:\windows\system32\uxtCFB9.tmp

Folder::
c:\users\Vojt\AppData\Roaming\BITS


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all open windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

In Folder Options, enable showing hidden files and folders + untick the "Hide protected operating system files" checkbox.

Test this on VirusTotal:
c:\windows\SysWow64\mkl_blueripple.dll
Click Choose to the right of the box and in Explorer find the required file on your PC. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested in turn by multiple antivirus programs. When the last antivirus finishes, "result" will appear at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Re: Preventive check, log pls

Posted: 28 Sep 2011 22:06
by autoprd
ComboFix 11-09-26.01 - Vojt 28.09.2011 21:50:52.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.1875 [GMT 2:00]
Spuštěný z: c:\users\Vojt\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Vojt\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\uxtCFB9.tmp"
"c:\windows\SysWow64\tmp8631.tmp"
"c:\windows\SysWow64\tmpCCB2.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Vojt\AppData\Roaming\BITS
c:\users\Vojt\AppData\Roaming\BITS\BITS.ini
c:\users\Vojt\AppData\Roaming\BITS\DHTTable.dat
c:\users\Vojt\AppData\Roaming\BITS\P2PCfg.ini
c:\users\Vojt\AppData\Roaming\BITS\ProxyList.ini
c:\users\Vojt\AppData\Roaming\BITS\pstat.dat
c:\users\Vojt\AppData\Roaming\BITS\pup.dat
c:\windows\system32\uxtCFB9.tmp
c:\windows\SysWow64\tmp8631.tmp
c:\windows\SysWow64\tmpCCB2.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-28 do 2011-09-28 )))))))))))))))))))))))))))))))
.
.
2011-09-28 19:56 . 2011-09-28 19:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-09-28 19:56 . 2011-09-28 19:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-28 08:32 . 2011-09-28 08:32 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE136476-303E-41E9-B143-0756D9095D11}\offreg.dll
2011-09-28 08:10 . 2011-09-28 17:52 -------- d-----w- c:\users\Vojt\AppData\Roaming\SPORE
2011-09-27 20:39 . 2011-09-27 20:42 -------- d-----w- c:\users\Vojt\dwhelper
2011-09-25 19:40 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE136476-303E-41E9-B143-0756D9095D11}\mpengine.dll
2011-09-25 19:23 . 2011-09-25 19:23 -------- d-----w- c:\program files (x86)\GameVicio
2011-09-25 19:21 . 2011-09-25 19:21 -------- d-----w- c:\program files (x86)\CureROM
2011-09-25 18:36 . 2011-09-26 21:30 -------- d-----w- c:\users\Vojt\AppData\Local\CrashDumps
2011-09-25 13:37 . 2011-09-25 13:37 -------- d-----w- c:\users\Vojt\AppData\Local\AliensVsPredator
2011-09-25 13:34 . 2011-09-25 13:34 -------- d-----w- c:\users\Vojt\AppData\Local\Downloaded Installations
2011-09-25 13:19 . 2011-09-25 13:19 -------- d-----w- c:\users\Vojt\AppData\Roaming\IObit
2011-09-25 13:18 . 2011-09-25 13:18 -------- d-----w- c:\program files (x86)\IObit
2011-09-25 08:30 . 2011-09-25 08:30 -------- d-----w- c:\users\Vojt\AppData\Local\Apple
2011-09-24 21:08 . 2011-09-28 17:41 -------- d-----w- c:\users\Vojt\AppData\Roaming\Activision
2011-09-24 18:08 . 2011-09-24 18:08 -------- d-----w- c:\users\Vojt\AppData\Local\The Witcher 2
2011-09-24 17:00 . 2011-09-24 17:00 -------- d-----w- c:\programdata\Firefly Studios
2011-09-22 21:31 . 2011-09-24 11:36 -------- d-----w- c:\users\Vojt\AppData\Local\NFS Underground 2
2011-09-22 18:43 . 2011-09-22 19:05 281200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-09-20 21:43 . 2011-09-22 18:40 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-09-20 21:43 . 2011-09-20 21:43 -------- d-----w- c:\users\Vojt\AppData\Roaming\PunkBuster
2011-09-20 21:43 . 2011-09-20 21:43 -------- d-----w- c:\program files (x86)\Ubisoft
2011-09-20 21:25 . 2011-09-20 21:25 -------- d-----w- c:\programdata\KONAMI
2011-09-20 20:28 . 2011-09-20 20:28 -------- d-----w- c:\users\Vojt\AppData\Roaming\FlashGet
2011-09-20 20:28 . 2011-09-20 20:28 -------- d-----w- c:\program files (x86)\FlashGet Network
2011-09-17 08:16 . 2011-09-17 09:25 -------- d-----w- c:\users\Vojt\AppData\Roaming\HLSW
2011-09-17 08:16 . 2011-09-17 08:16 -------- d-s---w- c:\program files (x86)\HLSW
2011-09-16 21:44 . 2011-09-16 21:46 -------- d-----w- c:\program files (x86)\Pcsx2
2011-09-16 18:50 . 2011-09-16 18:50 -------- d-----w- c:\programdata\Data aplikací
2011-09-12 20:25 . 2011-09-27 21:56 -------- d-----w- c:\users\DefaultAppPool
2011-09-12 19:19 . 2011-09-12 19:19 -------- d-----w- c:\windows\SysWow64\BestPractices
2011-09-12 19:19 . 2011-09-12 19:19 -------- d-----w- c:\windows\system32\BestPractices
2011-09-12 19:19 . 2011-09-12 19:19 -------- d-----w- C:\inetpub
2011-09-11 20:35 . 2011-09-11 20:35 -------- d-----w- c:\users\Vojt\AppData\Local\LucasArts
2011-09-11 12:36 . 2011-09-11 12:36 -------- d-----w- c:\users\Vojt\AppData\Roaming\Leadertech
2011-09-11 11:52 . 2011-09-11 11:52 -------- d-----w- c:\windows\SysWow64\RTCOM
2011-09-11 11:52 . 2011-09-11 11:52 -------- d-----w- c:\program files\Realtek
2011-09-11 11:50 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-09-09 21:43 . 2011-09-09 21:45 -------- d-----w- c:\program files (x86)\Valve
2011-09-09 21:43 . 2011-09-09 21:43 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-09-09 21:43 . 2011-09-09 21:43 184452 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-09-09 21:43 . 2003-09-03 00:28 724992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-09-09 21:43 . 2003-09-03 00:27 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-09-09 21:43 . 2003-09-03 00:26 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-09-09 21:43 . 2003-09-03 00:26 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-09-09 21:43 . 2003-09-03 00:25 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-09-07 17:57 . 2011-09-07 17:57 -------- d-----w- c:\programdata\EA Core
2011-09-06 18:20 . 2011-09-06 18:20 -------- d-----w- c:\programdata\Solidshield
2011-08-31 11:08 . 2011-08-31 11:08 167704 ----a-w- c:\windows\system32\igfxtray.exe
2011-08-31 11:08 . 2011-08-31 11:08 510232 ----a-w- c:\windows\system32\igfxsrvc.exe
2011-08-31 11:08 . 2011-08-31 11:08 416024 ----a-w- c:\windows\system32\igfxpers.exe
2011-08-31 11:08 . 2011-08-31 11:08 239896 ----a-w- c:\windows\system32\igfxext.exe
2011-08-31 11:08 . 2011-08-31 11:08 392472 ----a-w- c:\windows\system32\hkcmd.exe
2011-08-31 11:08 . 2011-08-31 11:08 4378392 ----a-w- c:\windows\system32\GfxUI.exe
2011-08-31 11:08 . 2011-08-31 11:08 179992 ----a-w- c:\windows\system32\difx64.exe
2011-08-31 10:58 . 2011-08-31 10:58 90112 ----a-w- c:\windows\system32\igfxCoIn_v2509.dll
2011-08-31 10:53 . 2011-08-31 10:53 12306848 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2011-08-31 10:53 . 2011-08-31 10:53 8312320 ----a-w- c:\windows\system32\igdumd64.dll
2011-08-31 10:47 . 2011-08-31 10:47 6322688 ----a-w- c:\windows\SysWow64\igdumd32.dll
2011-08-31 10:45 . 2011-08-31 10:45 581120 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2011-08-31 10:37 . 2011-08-31 10:37 12340224 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2011-08-31 10:31 . 2011-08-31 10:31 18641408 ----a-w- c:\windows\system32\ig4icd64.dll
2011-08-31 10:26 . 2011-08-31 10:26 13903872 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2011-08-31 10:21 . 2011-08-31 10:21 378368 ----a-w- c:\windows\system32\igfxTMM.dll
2011-08-31 10:20 . 2011-08-31 10:20 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2011-08-31 10:20 . 2011-08-31 10:20 146432 ----a-w- c:\windows\system32\gfxSrvc.dll
2011-08-31 10:20 . 2011-08-31 10:20 285696 ----a-w- c:\windows\system32\igfxrenu.lrc
2011-08-31 10:20 . 2011-08-31 10:20 142336 ----a-w- c:\windows\system32\igfxdo.dll
2011-08-31 10:16 . 2011-08-31 10:16 24576 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2011-08-31 10:15 . 2011-08-31 10:15 294400 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2011-08-29 23:11 . 2011-09-01 11:29 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-08-29 23:11 . 2011-09-16 18:52 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-21 22:23 . 2011-08-21 11:32 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2011-09-21 22:23 . 2011-08-21 11:32 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-09-21 22:23 . 2011-08-21 11:32 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2011-09-01 11:19 . 2011-08-21 20:57 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-09-01 11:19 . 2011-08-21 20:57 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-09-01 11:19 . 2011-08-21 20:58 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-09-01 11:18 . 2011-08-21 20:57 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-08-31 17:12 . 2011-04-19 19:48 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-08-31 15:00 . 2011-08-22 11:34 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 10:42 . 2011-02-17 07:28 14598656 ----a-w- c:\windows\system32\igd10umd64.dll
2011-08-31 10:22 . 2011-08-31 10:22 282624 ----a-w- c:\windows\system32\igfxrcht.lrc
2011-08-31 10:22 . 2011-08-31 10:22 282624 ----a-w- c:\windows\system32\igfxrchs.lrc
2011-08-31 10:21 . 2011-08-22 21:12 375808 ----a-w- c:\windows\system32\igfxpph.dll
2011-08-31 10:21 . 2011-02-17 07:28 28672 ----a-w- c:\windows\system32\igfxexps.dll
2011-08-31 10:21 . 2011-02-17 07:28 62464 ----a-w- c:\windows\system32\igfxsrvc.dll
2011-08-31 10:20 . 2011-02-17 07:28 110080 ----a-w- c:\windows\system32\hccutils.dll
2011-08-31 10:20 . 2011-02-17 07:28 390144 ----a-w- c:\windows\system32\igfxdev.dll
2011-08-31 10:20 . 2011-02-17 07:28 9014784 ----a-w- c:\windows\system32\igfxress.dll
2011-08-29 08:10 . 2011-08-29 08:10 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-08-29 08:10 . 2011-08-29 08:10 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-08-29 08:10 . 2011-08-29 08:10 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-08-29 08:10 . 2011-08-29 08:10 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-08-29 08:10 . 2011-08-29 08:10 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-08-29 08:10 . 2011-08-29 08:10 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-08-29 08:10 . 2011-08-29 08:10 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-08-29 08:10 . 2011-08-29 08:10 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-08-29 08:10 . 2011-08-29 08:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-08-29 08:10 . 2011-08-29 08:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-08-29 08:10 . 2011-08-29 08:10 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-08-29 08:10 . 2011-08-29 08:10 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-08-29 08:10 . 2011-08-29 08:10 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-08-29 08:10 . 2011-08-29 08:10 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-08-29 08:10 . 2011-08-29 08:10 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-08-29 08:10 . 2011-08-29 08:10 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-08-29 08:10 . 2011-08-29 08:10 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-08-29 08:10 . 2011-08-29 08:10 222208 ----a-w- c:\windows\system32\msls31.dll
2011-08-29 08:10 . 2011-08-29 08:10 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-08-29 08:10 . 2011-08-29 08:10 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-08-29 08:10 . 2011-08-29 08:10 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-08-29 08:10 . 2011-08-29 08:10 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-08-29 08:10 . 2011-08-29 08:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-08-29 08:10 . 2011-08-29 08:10 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-08-29 08:10 . 2011-08-29 08:10 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-08-29 08:10 . 2011-08-29 08:10 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-08-29 08:10 . 2011-08-29 08:10 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-08-29 08:10 . 2011-08-29 08:10 12288 ----a-w- c:\windows\system32\mshta.exe
2011-08-29 08:10 . 2011-08-29 08:10 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-08-29 08:10 . 2011-08-29 08:10 114176 ----a-w- c:\windows\system32\admparse.dll
2011-08-29 08:10 . 2011-08-29 08:10 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-08-29 08:10 . 2011-08-29 08:10 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-08-29 08:10 . 2011-08-29 08:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-08-29 08:10 . 2011-08-29 08:10 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-08-29 08:10 . 2011-08-29 08:10 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-08-29 08:10 . 2011-08-29 08:10 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-08-29 08:10 . 2011-08-29 08:10 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-08-29 08:10 . 2011-08-29 08:10 448512 ----a-w- c:\windows\system32\html.iec
2011-08-29 08:10 . 2011-08-29 08:10 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-29 08:10 . 2011-08-29 08:10 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-08-29 08:10 . 2011-08-29 08:10 160256 ----a-w- c:\windows\system32\wextract.exe
2011-08-29 08:10 . 2011-08-29 08:10 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-28 12:22 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-08-28 12:22 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-08-22 11:34 . 2011-08-22 11:34 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2011-08-22 11:34 . 2011-08-22 11:34 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2011-08-20 14:20 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-08-20 14:20 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-20 13:50 . 2011-08-20 13:50 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-08-20 00:18 . 2011-08-20 00:17 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-08-20 00:18 . 2011-08-20 00:17 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-08-19 23:07 . 2011-08-19 23:07 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-08-18 21:19 . 2011-08-18 21:19 9216 ----a-r- c:\users\Vojt\AppData\Roaming\Microsoft\Installer\{7426428E-71D4-452C-BA13-B14E5EB52859}\Icon7426428E16.exe
2011-08-18 20:56 . 2011-08-18 20:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-08-18 13:31 . 2011-08-18 13:31 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-14 23:00 . 2011-08-14 23:00 1285120 ----a-w- c:\windows\SysWow64\VSFilter.dll
2011-08-09 06:40 . 2011-08-22 21:12 90112 ----a-w- c:\windows\system32\igfxCoIn_v2476.dll
2011-08-09 06:30 . 2011-08-22 21:12 128204 ----a-w- c:\windows\system32\igcompkrng575.bin
2011-08-09 06:30 . 2011-08-22 21:12 867020 ----a-w- c:\windows\system32\igkrng575.bin
2011-08-09 06:30 . 2011-08-22 21:12 105608 ----a-w- c:\windows\system32\igfcg575m.bin
2011-08-09 05:44 . 2011-08-22 21:12 98304 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2011-08-09 05:44 . 2011-08-22 21:12 98304 ----a-w- c:\windows\system32\iglhcp64.dll
2011-08-09 05:44 . 2011-08-22 21:12 376832 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2011-08-09 05:44 . 2011-08-22 21:12 376832 ----a-w- c:\windows\system32\iglhsip64.dll
2011-08-09 05:44 . 2011-08-22 21:12 162816 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2011-08-09 05:44 . 2011-08-22 21:12 140288 ----a-w- c:\windows\system32\igfxcmrt64.dll
2011-08-09 05:44 . 2011-08-22 21:12 94208 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2011-08-03 11:50 . 2011-08-18 23:50 980072 ----a-w- c:\windows\system32\nvvsvc.exe
2011-08-03 11:50 . 2011-08-18 23:50 836200 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-08-03 11:50 . 2011-08-18 23:50 816232 ----a-w- c:\windows\system32\nv3dappshext.dll
2011-08-03 11:50 . 2011-08-18 23:50 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-08-03 11:50 . 2011-08-18 23:50 6136936 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:50 . 2011-08-18 23:50 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll
2011-08-03 11:50 . 2011-08-18 23:50 335976 ----a-w- c:\windows\system32\nvhotkey.dll
2011-08-03 11:50 . 2011-08-18 23:50 3021416 ----a-w- c:\windows\system32\nvsvc64.dll
2011-08-03 11:50 . 2011-08-18 23:50 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-08-03 11:50 . 2011-08-18 23:50 1816324 ----a-w- c:\windows\system32\nvcoproc.bin
2011-08-03 11:50 . 2011-08-18 23:50 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-08-03 11:50 . 2011-08-18 23:46 846952 ----a-w- c:\windows\system32\nvumdshimx.dll
2011-08-03 11:50 . 2011-08-18 23:46 8355944 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-08-03 11:50 . 2011-08-18 23:46 7254632 ----a-w- c:\windows\system32\nvcuda.dll
2011-08-03 11:50 . 2011-08-18 23:46 706664 ----a-w- c:\windows\SysWow64\nvumdshim.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-09-28_08.24.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-17 07:42 . 2011-09-28 08:31 47764 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-09-28 08:31 34240 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-08-18 13:00 . 2011-09-28 08:31 9422 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-775366506-3250077059-3962142624-1002_UserData.bin
- 2011-09-28 08:23 . 2011-09-28 08:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-09-28 19:57 . 2011-09-28 19:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-09-28 08:23 . 2011-09-28 08:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-09-28 19:57 . 2011-09-28 19:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-09-28 08:17 241108 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-09-28 19:56 241108 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-08-18 20:04 . 2011-09-28 19:56 8501552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-775366506-3250077059-3962142624-1002-8192.dat
+ 2011-08-18 23:47 . 2011-09-28 19:56 2181500 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-775366506-3250077059-3962142624-1002-12288.dat
- 2011-08-18 23:47 . 2011-09-28 08:17 2181500 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-775366506-3250077059-3962142624-1002-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-08-21 639864]
"Advanced SystemCare 4"="c:\program files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 412560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2011-01-06 1657080]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamersFirst LIVE!.lnk - c:\program files (x86)\GamersFirst\LIVE!\Live.exe [2011-8-16 2589808]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\system32\msvfd32.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18 136176]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18 136176]
R3 injectDLL;injectDLL;d:\games\Metin2\injectDLL.sys [2011-04-02 28944]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-07-29 52896]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2011-01-05 867712]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-28 255744]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-09-01 2027840]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-02-10 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-07-29 594080]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-07-29 377504]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-01-05 860040]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: Download all by FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: Stahnou vse FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Stahnout FlashGet3 - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?? - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Vojt\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 82.100.3.1 62.240.162.158
FF - ProfilePath - c:\users\Vojt\AppData\Roaming\Mozilla\Firefox\Profiles\bgll5xgn.default\
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-775366506-3250077059-3962142624-1002\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3* N}Ź]
@="c:\\Users\\Vojt\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-775366506-3250077059-3962142624-1002\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3* N}ŹhQčţ”Ąc]
@="c:\\Users\\Vojt\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
.
**************************************************************************
.
Celkový čas: 2011-09-28 22:01:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-28 20:01
ComboFix2.txt 2011-09-28 08:28
ComboFix3.txt 2011-09-26 18:01
.
Před spuštěním: Volných bajtů: 36 865 298 432
Po spuštění: Volných bajtů: 36 848 574 464
.
- - End Of File - - 52EB11C78EB6E1BA48E07A6E85427CAD

Re: Preventive check, log please

Posted: 28 Sep 2011 22:08
by autoprd
VS clean

Re: Preventive check, log please

Posted: 28 Sep 2011 22:41
by jaro3
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner
and also use T-Cleaner
http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

It deletes everything left behind by Combo, MWAV, etc. Download it > run it.

Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate your antivirus and antispyware, then delete T-Cleaner and turn your antivirus and antispyware back on.


Post a new log from HJT + info about the PC speed-up...