Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu - Děkuju

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Prosím o kontrolu - Děkuju

#1 Příspěvek od sobtik »

Prosím o kontrolu kolegova PC. PC je strašně pomalé. Projel jsem to ccleaner a skoro vubec to nepomohlo. Má tam Tři antivirové programy a nemužu ty dva odinstalovat. Chtěl by si nechat eset protože si ho nedávno koupil. Moc děkuju za pomoc.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Bartosi at 2011-11-04 21:56:03
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 110 GB (23%) free of 469 GB
Total RAM: 2046 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:01:38, on 4.11.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\V0420Mon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\ICQ7.4\ICQ.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Users\Bartosi\Downloads\RSIT.exe
C:\Program Files\trend micro\Bartosi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] c:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Toolbar_eula_launcher] C:\install\google\eula\EULALauncher.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PCSpeedUp] "C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: forteManager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca1ab848388abb) (gupdate1ca1ab848388abb) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe

--
End of file - 16135 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Bartosi.job
C:\Windows\tasks\RMSchedule.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "toolbar@ask.com:3.12.2.100006, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, avg@igeared:7.005.030.004, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.2.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.3.1, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7Be4 ... &sap=ku&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{203FB6B2-2E1E-4474-863B-4C483ECCE78E}"=C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.1.8\coFFNST\
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\IPSFFPlgn\
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\coFFPlgn_2011_7_1_3
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\SiteAdvisor
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/SAFFPlugin]
"Description"=
"Path"=C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/npracplug;version=1.0.0.0]
"Description"=Scriptable Plugin for RealArcade
"Path"=C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
npscriptable.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npgcplug.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npracplug.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
McSiteAdvisor.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\
cs@dictionaries.addons.mozilla.org
toolbar@ask.com
trash
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\
askcom.xml
avg-secure-search.xml
firmycz.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-27 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-10-14 1360736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll [2011-04-28 436152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-03 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-09-21 3853984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2011-08-11 258120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{D4027C7F-154A-4066-A1AD-4243D8127440} - aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2011-08-11 258120]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll [2011-04-28 436152]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-03 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-20 6144000]
"NeroFilterCheck"=c:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Toolbar_eula_launcher"=C:\install\google\eula\EULALauncher.exe [2007-02-09 16896]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-03 92704]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"hpqSRMon"= []
"V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2007-05-14 35328]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2010-08-05 104408]
"ContentTransferWMDetector.exe"=C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [2009-07-30 497000]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2011-10-24 2415456]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-07-19 421736]
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe [2010-09-21 856312]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2011-10-27 273528]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"Creative Live! Cam Manager"=C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2007-06-07 155648]
"CreativeTaskScheduler"=C:\Program Files\Creative\Shared Files\CTSched.exe [2006-11-17 53341]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"PMCRemote"= []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-07-25 433360]
"ICQ"=C:\Program Files\ICQ7.4\ICQ.exe [2011-04-21 119608]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-09-26 17353352]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
forteManager.lnk - C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
Pinnacle Streaming Server.lnk - C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-04 21:56:15 ----D---- C:\Program Files\trend micro
2011-11-04 21:56:03 ----D---- C:\rsit
2011-11-04 21:39:32 ----D---- C:\Users\Bartosi\AppData\Roaming\ESET
2011-11-04 21:35:29 ----D---- C:\Windows\LastGood
2011-11-04 21:33:49 ----D---- C:\ProgramData\ESET
2011-11-04 21:33:49 ----D---- C:\Program Files\ESET
2011-11-04 20:42:58 ----D---- C:\Program Files\CCleaner
2011-10-18 14:09:09 ----D---- C:\ProgramData\AVG2012
2011-10-17 14:12:21 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-17 14:12:20 ----A---- C:\Windows\system32\ieui.dll
2011-10-17 14:12:20 ----A---- C:\Windows\system32\iertutil.dll
2011-10-17 14:12:19 ----A---- C:\Windows\system32\wininet.dll
2011-10-17 14:12:19 ----A---- C:\Windows\system32\jscript.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\urlmon.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\jscript9.dll
2011-10-17 14:12:17 ----A---- C:\Windows\system32\url.dll
2011-10-17 14:12:17 ----A---- C:\Windows\system32\ieframe.dll
2011-10-17 14:12:16 ----A---- C:\Windows\system32\mshtml.dll
2011-10-16 06:50:58 ----D---- C:\734c21ad26daaac72ee8d870
2011-10-14 18:13:41 ----D---- C:\ProgramData\Codemasters
2011-10-14 18:08:12 ----A---- C:\Windows\system32\rapture3d_oal.dll
2011-10-14 18:08:12 ----A---- C:\Windows\system32\mkl_blueripple.dll
2011-10-14 18:08:10 ----D---- C:\Program Files\BRS
2011-10-14 18:06:27 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-10-14 18:06:26 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-10-14 18:05:38 ----D---- C:\Windows\system32\xlive
2011-10-14 18:05:19 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-10-14 17:31:21 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-10-14 16:13:33 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-14 16:13:30 ----A---- C:\Windows\system32\win32k.sys
2011-10-14 15:21:08 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-10-14 15:21:08 ----A---- C:\Windows\system32\oleacc.dll
2011-10-14 15:21:07 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-14 15:21:07 ----A---- C:\Windows\system32\oleaccrc.dll

======List of files/folders modified in the last 1 month======

2011-11-04 22:00:56 ----D---- C:\Windows\Temp
2011-11-04 21:56:15 ----RD---- C:\Program Files
2011-11-04 21:39:04 ----SHD---- C:\Windows\Installer
2011-11-04 21:37:27 ----D---- C:\Windows\system32\drivers
2011-11-04 21:35:33 ----D---- C:\Windows\system32\catroot
2011-11-04 21:35:32 ----D---- C:\Windows\inf
2011-11-04 21:35:29 ----D---- C:\Windows
2011-11-04 21:34:33 ----SHD---- C:\System Volume Information
2011-11-04 21:33:49 ----HD---- C:\ProgramData
2011-11-04 21:27:46 ----D---- C:\Windows\system32\Tasks
2011-11-04 21:18:28 ----D---- C:\Windows\Prefetch
2011-11-04 21:07:40 ----D---- C:\Users\Bartosi\AppData\Roaming\Skype
2011-11-04 21:06:57 ----D---- C:\Windows\System32
2011-11-04 21:06:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-04 20:47:08 ----D---- C:\Program Files\AVG
2011-11-04 20:43:39 ----D---- C:\ProgramData\MFAData
2011-11-04 20:38:33 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-04 20:38:31 ----D---- C:\Windows\winsxs
2011-11-04 20:35:22 ----D---- C:\Program Files\Common Files
2011-11-04 19:51:44 ----D---- C:\Windows\system32\drivers\AVG
2011-11-02 20:13:01 ----AD---- C:\ProgramData\TEMP
2011-10-29 14:20:23 ----D---- C:\Program Files\Mozilla Firefox
2011-10-27 18:24:48 ----D---- C:\Windows\system32\config
2011-10-27 18:24:42 ----D---- C:\Windows\Tasks
2011-10-27 18:24:42 ----D---- C:\Windows\system32\spool
2011-10-27 18:24:42 ----D---- C:\Windows\system32\Msdtc
2011-10-27 18:24:42 ----D---- C:\Windows\system32\catroot2
2011-10-27 18:24:42 ----D---- C:\ProgramData\McAfee Security Scan
2011-10-27 18:24:42 ----D---- C:\Program Files\WinRAR
2011-10-27 18:24:42 ----D---- C:\Program Files\Registry Mechanic
2011-10-27 18:24:42 ----D---- C:\Program Files\Ask.com
2011-10-27 18:24:41 ----D---- C:\Windows\system32\wbem
2011-10-27 18:24:41 ----D---- C:\Windows\registration
2011-10-27 18:24:39 ----D---- C:\ProgramData\Real
2011-10-27 17:33:52 ----D---- C:\Program Files\Real
2011-10-27 17:33:21 ----A---- C:\Windows\system32\rmoc3260.dll
2011-10-27 17:32:05 ----A---- C:\Windows\system32\pndx5032.dll
2011-10-27 17:32:05 ----A---- C:\Windows\system32\pndx5016.dll
2011-10-27 17:31:40 ----A---- C:\Windows\system32\msvcr71.dll
2011-10-27 17:31:39 ----A---- C:\Windows\system32\msvcp71.dll
2011-10-18 16:49:23 ----D---- C:\Users\Bartosi\AppData\Roaming\Vso
2011-10-17 14:35:54 ----D---- C:\Windows\system32\migration
2011-10-17 14:35:54 ----D---- C:\Program Files\Internet Explorer
2011-10-17 14:25:14 ----D---- C:\Windows\Microsoft.NET
2011-10-17 14:25:10 ----RSD---- C:\Windows\assembly
2011-10-17 14:13:43 ----A---- C:\Windows\system32\mrt.exe
2011-10-17 14:10:05 ----D---- C:\ProgramData\Microsoft Help
2011-10-17 14:08:20 ----D---- C:\Program Files\Windows Mail
2011-10-14 19:13:53 ----D---- C:\Program Files\Codemasters
2011-10-14 18:08:04 ----A---- C:\Windows\system32\wrap_oal.dll
2011-10-14 18:08:04 ----A---- C:\Windows\system32\OpenAL32.dll
2011-10-14 18:04:50 ----D---- C:\Program Files\Common Files\microsoft shared
2011-10-14 17:42:55 ----SD---- C:\ProgramData\Microsoft
2011-10-14 17:23:55 ----D---- C:\Windows\Logs
2011-10-14 16:46:08 ----D---- C:\Windows\rescache
2011-10-14 16:25:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-09 06:46:17 ----RD---- C:\Program Files\Skype
2011-10-09 06:46:16 ----D---- C:\ProgramData\Skype
2011-10-05 19:27:38 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\Windows\System32\drivers\sfsync04.sys [2006-08-11 59776]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-10 721904]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS [2011-01-27 340088]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS [2011-03-15 744568]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2011-08-13 374392]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20110604.001\IDSvix86.sys [2011-06-03 367736]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.SYS [2011-03-31 50168]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\system32\drivers\NIS\1206000.01D\SYMTDIV.SYS [2011-03-22 331384]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-05-14 38240]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-20 2143136]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-03 7460320]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-10-16 47360]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2011-05-28 126584]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20110518.001\BHDrvx86.sys [2011-04-19 802936]
S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS [2011-01-27 136312]
S3 abxi8r5j;abxi8r5j; C:\Windows\system32\drivers\abxi8r5j.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 LGDDCDevice;LGDDCDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys [2007-12-24 14336]
S3 LGII2CDevice;LGII2CDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys [2007-12-24 13312]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2008-03-25 444800]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20110611.006_c52\NAVENG.SYS [2011-06-12 86008]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20110611.006_c52\NAVEX15.SYS [2011-06-12 1542392]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1206000.01D\SRTSP.SYS [2011-03-31 516216]
S3 UDST7000BDA;TechniSat UDST7000BDA DVB-T/DVB-C Combo; C:\Windows\System32\Drivers\UDST7000BDA.sys [2009-06-15 428048]
S3 UDST7000HID;TechniSat - HID Driver; C:\Windows\system32\drivers\UDST7000HID.sys [2009-06-15 23568]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 V0420VID;Live! Cam Vista IM (VF0420); C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2011-10-24 2398512]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [2011-08-10 94880]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
R2 NSL;Norton Safe Web Lite; C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe [2010-05-23 126904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-03 118784]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca1ab848388abb;Služba Google Update (gupdate1ca1ab848388abb); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-24 182768]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#2 Příspěvek od sobtik »

Tady dávam ten novy log.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Bartosi at 2011-11-05 08:58:50
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 110 GB (23%) free of 469 GB
Total RAM: 2046 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:59:34, on 5.11.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\V0420Mon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Bartosi\Desktop\Norton_Removal_Tool.exe
C:\Users\Bartosi\AppData\Local\Temp\7zSBC6B.tmp\SymNRT.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\Users\Bartosi\Downloads\RSIT.exe
C:\Program Files\trend micro\Bartosi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] c:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: forteManager.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca1ab848388abb) (gupdate1ca1ab848388abb) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe

--
End of file - 12597 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Bartosi.job
C:\Windows\tasks\RMSchedule.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "toolbar@ask.com:3.12.2.100006, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, avg@igeared:7.005.030.004, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.2.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.3.1, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7Be4 ... &sap=ku&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{203FB6B2-2E1E-4474-863B-4C483ECCE78E}"=C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.1.8\coFFNST\
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\IPSFFPlgn\
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\coFFPlgn_2011_7_1_3
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\SiteAdvisor
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/SAFFPlugin]
"Description"=
"Path"=C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/npracplug;version=1.0.0.0]
"Description"=Scriptable Plugin for RealArcade
"Path"=C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
npscriptable.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npgcplug.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npracplug.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
McSiteAdvisor.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\
cs@dictionaries.addons.mozilla.org
toolbar@ask.com
trash
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\
askcom.xml
avg-secure-search.xml
firmycz.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-27 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll [2011-04-28 436152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-03 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-09-21 3853984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{D4027C7F-154A-4066-A1AD-4243D8127440} - aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll [2011-04-28 436152]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-03 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-20 6144000]
"NeroFilterCheck"=c:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-03 92704]
"hpqSRMon"= []
"V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2007-05-14 35328]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-07-19 421736]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2011-10-27 273528]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"Creative Live! Cam Manager"=C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2007-06-07 155648]
"CreativeTaskScheduler"=C:\Program Files\Creative\Shared Files\CTSched.exe [2006-11-17 53341]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"PMCRemote"= []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ContentTransferWMDetector.exe]
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [2009-07-30 497000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.4\ICQ.exe [2011-04-21 119608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe [2010-09-21 856312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-09-26 17353352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-07-25 433360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2010-08-05 104408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toolbar_eula_launcher]
C:\install\google\eula\EULALauncher.exe [2007-02-09 16896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Pinnacle Streaming Server.lnk]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\STRMSE~1\STRMSE~1.EXE [2008-03-25 603408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
forteManager.lnk - C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-05 08:37:45 ----D---- C:\Windows\pss
2011-11-04 21:56:15 ----D---- C:\Program Files\trend micro
2011-11-04 21:56:03 ----D---- C:\rsit
2011-11-04 21:39:32 ----D---- C:\Users\Bartosi\AppData\Roaming\ESET
2011-11-04 21:33:49 ----D---- C:\ProgramData\ESET
2011-11-04 21:33:49 ----D---- C:\Program Files\ESET
2011-11-04 20:42:58 ----D---- C:\Program Files\CCleaner
2011-10-18 14:09:09 ----D---- C:\ProgramData\AVG2012
2011-10-17 14:12:21 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-17 14:12:20 ----A---- C:\Windows\system32\ieui.dll
2011-10-17 14:12:20 ----A---- C:\Windows\system32\iertutil.dll
2011-10-17 14:12:19 ----A---- C:\Windows\system32\wininet.dll
2011-10-17 14:12:19 ----A---- C:\Windows\system32\jscript.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\urlmon.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\jscript9.dll
2011-10-17 14:12:17 ----A---- C:\Windows\system32\url.dll
2011-10-17 14:12:17 ----A---- C:\Windows\system32\ieframe.dll
2011-10-17 14:12:16 ----A---- C:\Windows\system32\mshtml.dll
2011-10-16 06:50:58 ----D---- C:\734c21ad26daaac72ee8d870
2011-10-14 18:13:41 ----D---- C:\ProgramData\Codemasters
2011-10-14 18:08:12 ----A---- C:\Windows\system32\rapture3d_oal.dll
2011-10-14 18:08:12 ----A---- C:\Windows\system32\mkl_blueripple.dll
2011-10-14 18:08:10 ----D---- C:\Program Files\BRS
2011-10-14 18:06:27 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-10-14 18:06:26 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-10-14 18:05:38 ----D---- C:\Windows\system32\xlive
2011-10-14 18:05:19 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-10-14 17:31:21 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-10-14 16:13:33 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-14 16:13:30 ----A---- C:\Windows\system32\win32k.sys
2011-10-14 15:21:08 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-10-14 15:21:08 ----A---- C:\Windows\system32\oleacc.dll
2011-10-14 15:21:07 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-14 15:21:07 ----A---- C:\Windows\system32\oleaccrc.dll

======List of files/folders modified in the last 1 month======

2011-11-05 08:59:07 ----D---- C:\Windows\Temp
2011-11-05 08:57:55 ----RD---- C:\Program Files
2011-11-05 08:54:56 ----HD---- C:\ProgramData
2011-11-05 08:50:14 ----SHD---- C:\Windows\Installer
2011-11-05 08:37:45 ----D---- C:\Windows
2011-11-05 08:29:15 ----D---- C:\Windows\system32\drivers
2011-11-05 08:27:31 ----D---- C:\Windows\Tasks
2011-11-05 08:27:28 ----D---- C:\Program Files\Common Files
2011-11-05 08:25:29 ----SD---- C:\Windows\system32\Microsoft
2011-11-05 08:24:56 ----D---- C:\Windows\system32\Tasks
2011-11-05 08:22:02 ----D---- C:\Windows\System32
2011-11-05 08:22:02 ----D---- C:\Windows\inf
2011-11-05 08:22:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-05 08:19:22 ----D---- C:\Users\Bartosi\AppData\Roaming\Skype
2011-11-05 08:17:10 ----D---- C:\Windows\Prefetch
2011-11-04 21:35:33 ----D---- C:\Windows\system32\catroot
2011-11-04 21:34:33 ----SHD---- C:\System Volume Information
2011-11-04 20:43:39 ----D---- C:\ProgramData\MFAData
2011-11-04 20:38:33 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-04 20:38:31 ----D---- C:\Windows\winsxs
2011-11-02 20:13:01 ----AD---- C:\ProgramData\TEMP
2011-10-29 14:20:23 ----D---- C:\Program Files\Mozilla Firefox
2011-10-27 18:24:48 ----D---- C:\Windows\system32\config
2011-10-27 18:24:42 ----D---- C:\Windows\system32\spool
2011-10-27 18:24:42 ----D---- C:\Windows\system32\Msdtc
2011-10-27 18:24:42 ----D---- C:\Windows\system32\catroot2
2011-10-27 18:24:42 ----D---- C:\ProgramData\McAfee Security Scan
2011-10-27 18:24:42 ----D---- C:\Program Files\WinRAR
2011-10-27 18:24:42 ----D---- C:\Program Files\Registry Mechanic
2011-10-27 18:24:42 ----D---- C:\Program Files\Ask.com
2011-10-27 18:24:41 ----D---- C:\Windows\system32\wbem
2011-10-27 18:24:41 ----D---- C:\Windows\registration
2011-10-27 18:24:39 ----D---- C:\ProgramData\Real
2011-10-27 17:33:52 ----D---- C:\Program Files\Real
2011-10-27 17:33:21 ----A---- C:\Windows\system32\rmoc3260.dll
2011-10-27 17:32:05 ----A---- C:\Windows\system32\pndx5032.dll
2011-10-27 17:32:05 ----A---- C:\Windows\system32\pndx5016.dll
2011-10-27 17:31:40 ----A---- C:\Windows\system32\msvcr71.dll
2011-10-27 17:31:39 ----A---- C:\Windows\system32\msvcp71.dll
2011-10-18 16:49:23 ----D---- C:\Users\Bartosi\AppData\Roaming\Vso
2011-10-17 14:35:54 ----D---- C:\Windows\system32\migration
2011-10-17 14:35:54 ----D---- C:\Program Files\Internet Explorer
2011-10-17 14:25:14 ----D---- C:\Windows\Microsoft.NET
2011-10-17 14:25:10 ----RSD---- C:\Windows\assembly
2011-10-17 14:13:43 ----A---- C:\Windows\system32\mrt.exe
2011-10-17 14:10:05 ----D---- C:\ProgramData\Microsoft Help
2011-10-17 14:08:20 ----D---- C:\Program Files\Windows Mail
2011-10-14 19:13:53 ----D---- C:\Program Files\Codemasters
2011-10-14 18:08:04 ----A---- C:\Windows\system32\wrap_oal.dll
2011-10-14 18:08:04 ----A---- C:\Windows\system32\OpenAL32.dll
2011-10-14 18:04:50 ----D---- C:\Program Files\Common Files\microsoft shared
2011-10-14 17:42:55 ----SD---- C:\ProgramData\Microsoft
2011-10-14 17:23:55 ----D---- C:\Windows\Logs
2011-10-14 16:46:08 ----D---- C:\Windows\rescache
2011-10-14 16:25:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-09 06:46:17 ----RD---- C:\Program Files\Skype
2011-10-09 06:46:16 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\Windows\System32\drivers\sfsync04.sys [2006-08-11 59776]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-10 721904]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS [2011-01-27 340088]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS [2011-03-15 744568]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2011-08-13 374392]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20110604.001\IDSvix86.sys [2011-06-03 367736]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.SYS [2011-03-31 50168]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\system32\drivers\NIS\1206000.01D\SYMTDIV.SYS [2011-03-22 331384]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-05-14 38240]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-20 2143136]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-03 7460320]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-10-16 47360]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2011-05-28 126584]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20110518.001\BHDrvx86.sys [2011-04-19 802936]
S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS [2011-01-27 136312]
S3 a74hx7zd;a74hx7zd; C:\Windows\system32\drivers\a74hx7zd.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 LGDDCDevice;LGDDCDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys [2007-12-24 14336]
S3 LGII2CDevice;LGII2CDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys [2007-12-24 13312]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2008-03-25 444800]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20110611.006_c52\NAVENG.SYS [2011-06-12 86008]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20110611.006_c52\NAVEX15.SYS [2011-06-12 1542392]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1206000.01D\SRTSP.SYS [2011-03-31 516216]
S3 UDST7000BDA;TechniSat UDST7000BDA DVB-T/DVB-C Combo; C:\Windows\System32\Drivers\UDST7000BDA.sys [2009-06-15 428048]
S3 UDST7000HID;TechniSat - HID Driver; C:\Windows\system32\drivers\UDST7000HID.sys [2009-06-15 23568]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 V0420VID;Live! Cam Vista IM (VF0420); C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
R2 NSL;Norton Safe Web Lite; C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe [2010-05-23 126904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-03 118784]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca1ab848388abb;Služba Google Update (gupdate1ca1ab848388abb); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-24 182768]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#3 Příspěvek od sobtik »

Norton už tam není. McAfee Security Scan Plus jsem taky odstranil. Zbytek bych nechal na rádci co odstraní. Má moji plnou důvěru.
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#4 Příspěvek od sobtik »

Prikladám i novy log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Bartosi at 2011-11-05 11:41:54
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 115 GB (25%) free of 469 GB
Total RAM: 2046 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:42:07, on 5.11.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\V0420Mon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Bartosi\Desktop\RSIT.exe
C:\Program Files\trend micro\Bartosi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] c:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: forteManager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca1ab848388abb) (gupdate1ca1ab848388abb) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 11431 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Bartosi.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "toolbar@ask.com:3.12.2.100006, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, avg@igeared:7.005.030.004, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.2.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.3.1, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7Be4 ... &sap=ku&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{203FB6B2-2E1E-4474-863B-4C483ECCE78E}"=C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.1.8\coFFNST\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\SiteAdvisor
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/SAFFPlugin]
"Description"=
"Path"=C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/npracplug;version=1.0.0.0]
"Description"=Scriptable Plugin for RealArcade
"Path"=C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
npscriptable.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npgcplug.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npracplug.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
McSiteAdvisor.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\
cs@dictionaries.addons.mozilla.org
toolbar@ask.com
trash
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\
askcom.xml
avg-secure-search.xml
firmycz.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-27 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-03 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-09-21 3853984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{D4027C7F-154A-4066-A1AD-4243D8127440} - aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-03 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-20 6144000]
"NeroFilterCheck"=c:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-03 92704]
"hpqSRMon"= []
"V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2007-05-14 35328]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-07-19 421736]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2011-10-27 273528]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"Creative Live! Cam Manager"=C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2007-06-07 155648]
"CreativeTaskScheduler"=C:\Program Files\Creative\Shared Files\CTSched.exe [2006-11-17 53341]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"PMCRemote"= []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ContentTransferWMDetector.exe]
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.4\ICQ.exe [2011-04-21 119608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-09-26 17353352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toolbar_eula_launcher]
C:\install\google\eula\EULALauncher.exe [2007-02-09 16896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Pinnacle Streaming Server.lnk]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\STRMSE~1\STRMSE~1.EXE [2008-03-25 603408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
forteManager.lnk - C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-05 08:37:45 ----D---- C:\Windows\pss
2011-11-04 21:56:15 ----D---- C:\Program Files\trend micro
2011-11-04 21:56:03 ----D---- C:\rsit
2011-11-04 21:39:32 ----D---- C:\Users\Bartosi\AppData\Roaming\ESET
2011-11-04 21:33:49 ----D---- C:\ProgramData\ESET
2011-11-04 21:33:49 ----D---- C:\Program Files\ESET
2011-11-04 20:42:58 ----D---- C:\Program Files\CCleaner
2011-10-18 14:09:09 ----D---- C:\ProgramData\AVG2012
2011-10-17 14:12:21 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-17 14:12:20 ----A---- C:\Windows\system32\ieui.dll
2011-10-17 14:12:20 ----A---- C:\Windows\system32\iertutil.dll
2011-10-17 14:12:19 ----A---- C:\Windows\system32\wininet.dll
2011-10-17 14:12:19 ----A---- C:\Windows\system32\jscript.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\urlmon.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\jscript9.dll
2011-10-17 14:12:17 ----A---- C:\Windows\system32\url.dll
2011-10-17 14:12:17 ----A---- C:\Windows\system32\ieframe.dll
2011-10-17 14:12:16 ----A---- C:\Windows\system32\mshtml.dll
2011-10-16 06:50:58 ----D---- C:\734c21ad26daaac72ee8d870
2011-10-14 18:13:41 ----D---- C:\ProgramData\Codemasters
2011-10-14 18:08:12 ----A---- C:\Windows\system32\rapture3d_oal.dll
2011-10-14 18:08:12 ----A---- C:\Windows\system32\mkl_blueripple.dll
2011-10-14 18:08:10 ----D---- C:\Program Files\BRS
2011-10-14 18:06:27 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-10-14 18:06:26 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-10-14 18:05:38 ----D---- C:\Windows\system32\xlive
2011-10-14 18:05:19 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-10-14 17:31:21 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-10-14 16:13:33 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-14 16:13:30 ----A---- C:\Windows\system32\win32k.sys
2011-10-14 15:21:08 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-10-14 15:21:08 ----A---- C:\Windows\system32\oleacc.dll
2011-10-14 15:21:07 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-14 15:21:07 ----A---- C:\Windows\system32\oleaccrc.dll

======List of files/folders modified in the last 1 month======

2011-11-05 11:41:55 ----D---- C:\Windows\Temp
2011-11-05 11:35:32 ----RD---- C:\Program Files
2011-11-05 11:31:13 ----AD---- C:\ProgramData\TEMP
2011-11-05 11:31:05 ----D---- C:\Program Files\Common Files\PC Tools
2011-11-05 11:31:04 ----D---- C:\Windows\System32
2011-11-05 11:30:22 ----HD---- C:\ProgramData
2011-11-05 11:27:14 ----D---- C:\Program Files\Red Storm Entertainment
2011-11-05 11:26:18 ----SHD---- C:\System Volume Information
2011-11-05 10:52:53 ----D---- C:\Users\Bartosi\AppData\Roaming\Winamp
2011-11-05 10:52:31 ----D---- C:\Windows\inf
2011-11-05 10:49:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-05 10:39:50 ----D---- C:\Windows\system32\Tasks
2011-11-05 10:39:06 ----D---- C:\Users\Bartosi\AppData\Roaming\Skype
2011-11-05 10:38:56 ----D---- C:\Windows\Panther
2011-11-05 10:38:55 ----D---- C:\Windows\Minidump
2011-11-05 10:38:55 ----D---- C:\Windows\Logs
2011-11-05 10:38:55 ----D---- C:\Windows\Debug
2011-11-05 10:38:55 ----D---- C:\Windows
2011-11-05 09:47:57 ----D---- C:\Program Files\Common Files
2011-11-05 09:47:55 ----D---- C:\Windows\system32\drivers
2011-11-05 09:47:53 ----D---- C:\ProgramData\Norton
2011-11-05 09:47:29 ----D---- C:\Program Files\NortonInstaller
2011-11-05 09:44:07 ----SHD---- C:\Windows\Installer
2011-11-05 08:27:31 ----D---- C:\Windows\Tasks
2011-11-05 08:25:29 ----SD---- C:\Windows\system32\Microsoft
2011-11-05 08:17:10 ----D---- C:\Windows\Prefetch
2011-11-04 21:35:33 ----D---- C:\Windows\system32\catroot
2011-11-04 20:43:39 ----D---- C:\ProgramData\MFAData
2011-11-04 20:38:33 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-04 20:38:31 ----D---- C:\Windows\winsxs
2011-10-29 14:20:23 ----D---- C:\Program Files\Mozilla Firefox
2011-10-27 18:24:48 ----D---- C:\Windows\system32\config
2011-10-27 18:24:42 ----D---- C:\Windows\system32\spool
2011-10-27 18:24:42 ----D---- C:\Windows\system32\Msdtc
2011-10-27 18:24:42 ----D---- C:\Windows\system32\catroot2
2011-10-27 18:24:42 ----D---- C:\Program Files\WinRAR
2011-10-27 18:24:42 ----D---- C:\Program Files\Ask.com
2011-10-27 18:24:41 ----D---- C:\Windows\system32\wbem
2011-10-27 18:24:41 ----D---- C:\Windows\registration
2011-10-27 18:24:39 ----D---- C:\ProgramData\Real
2011-10-27 17:33:52 ----D---- C:\Program Files\Real
2011-10-27 17:33:21 ----A---- C:\Windows\system32\rmoc3260.dll
2011-10-27 17:32:05 ----A---- C:\Windows\system32\pndx5032.dll
2011-10-27 17:32:05 ----A---- C:\Windows\system32\pndx5016.dll
2011-10-27 17:31:40 ----A---- C:\Windows\system32\msvcr71.dll
2011-10-27 17:31:39 ----A---- C:\Windows\system32\msvcp71.dll
2011-10-18 16:49:23 ----D---- C:\Users\Bartosi\AppData\Roaming\Vso
2011-10-17 14:35:54 ----D---- C:\Windows\system32\migration
2011-10-17 14:35:54 ----D---- C:\Program Files\Internet Explorer
2011-10-17 14:25:14 ----D---- C:\Windows\Microsoft.NET
2011-10-17 14:25:10 ----RSD---- C:\Windows\assembly
2011-10-17 14:13:43 ----A---- C:\Windows\system32\mrt.exe
2011-10-17 14:10:05 ----D---- C:\ProgramData\Microsoft Help
2011-10-17 14:08:20 ----D---- C:\Program Files\Windows Mail
2011-10-14 19:13:53 ----D---- C:\Program Files\Codemasters
2011-10-14 18:08:04 ----A---- C:\Windows\system32\wrap_oal.dll
2011-10-14 18:08:04 ----A---- C:\Windows\system32\OpenAL32.dll
2011-10-14 18:04:50 ----D---- C:\Program Files\Common Files\microsoft shared
2011-10-14 17:42:55 ----SD---- C:\ProgramData\Microsoft
2011-10-14 16:46:08 ----D---- C:\Windows\rescache
2011-10-14 16:25:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-09 06:46:17 ----RD---- C:\Program Files\Skype
2011-10-09 06:46:16 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\Windows\System32\drivers\sfsync04.sys [2006-08-11 59776]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-10 721904]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-05-14 38240]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-20 2143136]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-03 7460320]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-10-16 47360]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S3 al7cjipl;al7cjipl; C:\Windows\system32\drivers\al7cjipl.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 LGDDCDevice;LGDDCDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys [2007-12-24 14336]
S3 LGII2CDevice;LGII2CDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys [2007-12-24 13312]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2008-03-25 444800]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 UDST7000BDA;TechniSat UDST7000BDA DVB-T/DVB-C Combo; C:\Windows\System32\Drivers\UDST7000BDA.sys [2009-06-15 428048]
S3 UDST7000HID;TechniSat - HID Driver; C:\Windows\system32\drivers\UDST7000HID.sys [2009-06-15 23568]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 V0420VID;Live! Cam Vista IM (VF0420); C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NSL;Norton Safe Web Lite; C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe [2010-05-23 126904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-03 118784]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca1ab848388abb;Služba Google Update (gupdate1ca1ab848388abb); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-24 182768]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#5 Příspěvek od sobtik »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Bartosi at 2011-11-05 13:06:01
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 117 GB (25%) free of 469 GB
Total RAM: 2046 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:06:07, on 5.11.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\V0420Mon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Bartosi\Desktop\RSIT.exe
C:\Program Files\trend micro\Bartosi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: forteManager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 5174 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Bartosi.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "toolbar@ask.com:3.12.2.100006, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, avg@igeared:7.005.030.004, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.2.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.3.1, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7Be4 ... &sap=ku&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{203FB6B2-2E1E-4474-863B-4C483ECCE78E}"=C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.1.8\coFFNST\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\SiteAdvisor
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/SAFFPlugin]
"Description"=
"Path"=C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/npracplug;version=1.0.0.0]
"Description"=Scriptable Plugin for RealArcade
"Path"=C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
npscriptable.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npgcplug.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npracplug.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
McSiteAdvisor.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\
cs@dictionaries.addons.mozilla.org
toolbar@ask.com
trash
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\
askcom.xml
avg-secure-search.xml
firmycz.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-27 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-08-23 1515688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-08-23 1515688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-20 6144000]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-03 92704]
"hpqSRMon"= []
"V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
""= []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-08-23 887976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Creative Live! Cam Manager"=C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2007-06-07 155648]
"CreativeTaskScheduler"=C:\Program Files\Creative\Shared Files\CTSched.exe [2006-11-17 53341]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"PMCRemote"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ContentTransferWMDetector.exe]
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.4\ICQ.exe [2011-04-21 119608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-09-26 17353352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toolbar_eula_launcher]
C:\install\google\eula\EULALauncher.exe [2007-02-09 16896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Pinnacle Streaming Server.lnk]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\STRMSE~1\STRMSE~1.EXE [2008-03-25 603408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
forteManager.lnk - C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-05 08:37:45 ----D---- C:\Windows\pss
2011-11-04 21:56:15 ----D---- C:\Program Files\trend micro
2011-11-04 21:56:03 ----D---- C:\rsit
2011-11-04 21:39:32 ----D---- C:\Users\Bartosi\AppData\Roaming\ESET
2011-11-04 21:33:49 ----D---- C:\ProgramData\ESET
2011-11-04 21:33:49 ----D---- C:\Program Files\ESET
2011-11-04 20:42:58 ----D---- C:\Program Files\CCleaner
2011-10-18 14:09:09 ----D---- C:\ProgramData\AVG2012
2011-10-17 14:12:21 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-17 14:12:20 ----A---- C:\Windows\system32\ieui.dll
2011-10-17 14:12:20 ----A---- C:\Windows\system32\iertutil.dll
2011-10-17 14:12:19 ----A---- C:\Windows\system32\wininet.dll
2011-10-17 14:12:19 ----A---- C:\Windows\system32\jscript.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\urlmon.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\jscript9.dll
2011-10-17 14:12:17 ----A---- C:\Windows\system32\url.dll
2011-10-17 14:12:17 ----A---- C:\Windows\system32\ieframe.dll
2011-10-17 14:12:16 ----A---- C:\Windows\system32\mshtml.dll
2011-10-16 06:50:58 ----D---- C:\734c21ad26daaac72ee8d870
2011-10-14 18:13:41 ----D---- C:\ProgramData\Codemasters
2011-10-14 18:08:12 ----A---- C:\Windows\system32\rapture3d_oal.dll
2011-10-14 18:08:12 ----A---- C:\Windows\system32\mkl_blueripple.dll
2011-10-14 18:08:10 ----D---- C:\Program Files\BRS
2011-10-14 18:06:27 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-10-14 18:06:26 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-10-14 18:05:38 ----D---- C:\Windows\system32\xlive
2011-10-14 18:05:19 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-10-14 17:31:21 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-10-14 16:13:33 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-14 16:13:30 ----A---- C:\Windows\system32\win32k.sys
2011-10-14 15:21:08 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-10-14 15:21:08 ----A---- C:\Windows\system32\oleacc.dll
2011-10-14 15:21:07 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-14 15:21:07 ----A---- C:\Windows\system32\oleaccrc.dll

======List of files/folders modified in the last 1 month======

2011-11-05 13:06:06 ----D---- C:\Windows\Temp
2011-11-05 13:05:26 ----SHD---- C:\Windows\Installer
2011-11-05 13:05:26 ----D---- C:\Program Files\Ask.com
2011-11-05 13:05:24 ----D---- C:\Windows\system32\Tasks
2011-11-05 13:00:49 ----D---- C:\Windows
2011-11-05 13:00:49 ----D---- C:\Program Files\Common Files
2011-11-05 12:54:33 ----SD---- C:\Windows\Downloaded Program Files
2011-11-05 12:54:32 ----D---- C:\Program Files\QuickTime
2011-11-05 12:33:58 ----SHD---- C:\System Volume Information
2011-11-05 12:16:47 ----D---- C:\Windows\system32\catroot2
2011-11-05 11:35:32 ----RD---- C:\Program Files
2011-11-05 11:31:13 ----AD---- C:\ProgramData\TEMP
2011-11-05 11:31:04 ----D---- C:\Windows\System32
2011-11-05 11:30:22 ----HD---- C:\ProgramData
2011-11-05 11:27:14 ----D---- C:\Program Files\Red Storm Entertainment
2011-11-05 10:52:53 ----D---- C:\Users\Bartosi\AppData\Roaming\Winamp
2011-11-05 10:52:31 ----D---- C:\Windows\inf
2011-11-05 10:49:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-05 10:39:06 ----D---- C:\Users\Bartosi\AppData\Roaming\Skype
2011-11-05 10:38:56 ----D---- C:\Windows\Panther
2011-11-05 10:38:55 ----D---- C:\Windows\Minidump
2011-11-05 10:38:55 ----D---- C:\Windows\Logs
2011-11-05 10:38:55 ----D---- C:\Windows\Debug
2011-11-05 09:47:55 ----D---- C:\Windows\system32\drivers
2011-11-05 09:47:53 ----D---- C:\ProgramData\Norton
2011-11-05 09:47:29 ----D---- C:\Program Files\NortonInstaller
2011-11-05 08:27:31 ----D---- C:\Windows\Tasks
2011-11-05 08:25:29 ----SD---- C:\Windows\system32\Microsoft
2011-11-05 08:17:10 ----D---- C:\Windows\Prefetch
2011-11-04 21:35:33 ----D---- C:\Windows\system32\catroot
2011-11-04 20:43:39 ----D---- C:\ProgramData\MFAData
2011-11-04 20:38:33 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-04 20:38:31 ----D---- C:\Windows\winsxs
2011-10-29 14:20:23 ----D---- C:\Program Files\Mozilla Firefox
2011-10-27 18:24:48 ----D---- C:\Windows\system32\config
2011-10-27 18:24:42 ----D---- C:\Windows\system32\spool
2011-10-27 18:24:42 ----D---- C:\Windows\system32\Msdtc
2011-10-27 18:24:42 ----D---- C:\Program Files\WinRAR
2011-10-27 18:24:41 ----D---- C:\Windows\system32\wbem
2011-10-27 18:24:41 ----D---- C:\Windows\registration
2011-10-27 18:24:39 ----D---- C:\ProgramData\Real
2011-10-27 17:33:52 ----D---- C:\Program Files\Real
2011-10-27 17:33:21 ----A---- C:\Windows\system32\rmoc3260.dll
2011-10-27 17:32:05 ----A---- C:\Windows\system32\pndx5032.dll
2011-10-27 17:32:05 ----A---- C:\Windows\system32\pndx5016.dll
2011-10-27 17:31:40 ----A---- C:\Windows\system32\msvcr71.dll
2011-10-27 17:31:39 ----A---- C:\Windows\system32\msvcp71.dll
2011-10-18 16:49:23 ----D---- C:\Users\Bartosi\AppData\Roaming\Vso
2011-10-17 14:35:54 ----D---- C:\Windows\system32\migration
2011-10-17 14:35:54 ----D---- C:\Program Files\Internet Explorer
2011-10-17 14:25:14 ----D---- C:\Windows\Microsoft.NET
2011-10-17 14:25:10 ----RSD---- C:\Windows\assembly
2011-10-17 14:13:43 ----A---- C:\Windows\system32\mrt.exe
2011-10-17 14:10:05 ----D---- C:\ProgramData\Microsoft Help
2011-10-17 14:08:20 ----D---- C:\Program Files\Windows Mail
2011-10-14 19:13:53 ----D---- C:\Program Files\Codemasters
2011-10-14 18:08:04 ----A---- C:\Windows\system32\wrap_oal.dll
2011-10-14 18:08:04 ----A---- C:\Windows\system32\OpenAL32.dll
2011-10-14 18:04:50 ----D---- C:\Program Files\Common Files\microsoft shared
2011-10-14 17:42:55 ----SD---- C:\ProgramData\Microsoft
2011-10-14 16:46:08 ----D---- C:\Windows\rescache
2011-10-14 16:25:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-09 06:46:17 ----RD---- C:\Program Files\Skype
2011-10-09 06:46:16 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\Windows\System32\drivers\sfsync04.sys [2006-08-11 59776]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-10 721904]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-05-14 38240]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-20 2143136]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-03 7460320]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-10-16 47360]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S3 ayze351k;ayze351k; C:\Windows\system32\drivers\ayze351k.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 LGDDCDevice;LGDDCDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys [2007-12-24 14336]
S3 LGII2CDevice;LGII2CDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys [2007-12-24 13312]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2008-03-25 444800]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 UDST7000BDA;TechniSat UDST7000BDA DVB-T/DVB-C Combo; C:\Windows\System32\Drivers\UDST7000BDA.sys [2009-06-15 428048]
S3 UDST7000HID;TechniSat - HID Driver; C:\Windows\system32\drivers\UDST7000HID.sys [2009-06-15 23568]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 V0420VID;Live! Cam Vista IM (VF0420); C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NSL;Norton Safe Web Lite; C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe [2010-05-23 126904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-03 118784]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
S4 gupdate1ca1ab848388abb;Služba Google Update (gupdate1ca1ab848388abb); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-24 182768]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]

-----------------EOF-----------------
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#6 Příspěvek od sobtik »

Všechno jsem fixnul ale něco se vrátilo. Pc ale stále dlouho najíždí a dlouho se vypíná. Nevím čím to je. Nešlo by to ještě nějak vyčistit?
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#7 Příspěvek od sobtik »

Musel jsem to nahrát na leteckou pioštu. Do přílohy to nevešlo. Tady je odkaz http://leteckaposta.cz/827962672

Tady je ten novy log.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Bartosi at 2011-11-05 20:29:52
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 114 GB (24%) free of 469 GB
Total RAM: 2046 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:29:55, on 5.11.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\V0420Mon.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Bartosi\Desktop\RSIT.exe
C:\Program Files\trend micro\Bartosi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: forteManager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 5252 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Bartosi.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "toolbar@ask.com:3.12.2.100006, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, avg@igeared:7.005.030.004, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.2.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.3.1, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{203FB6B2-2E1E-4474-863B-4C483ECCE78E}"=C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.1.8\coFFNST\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\SiteAdvisor
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/SAFFPlugin]
"Description"=
"Path"=C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/npracplug;version=1.0.0.0]
"Description"=Scriptable Plugin for RealArcade
"Path"=C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
npscriptable.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npgcplug.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npracplug.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
McSiteAdvisor.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\
cs@dictionaries.addons.mozilla.org
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\
askcom.xml
avg-secure-search.xml
firmycz.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-27 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-08-23 1515688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-08-23 1515688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-20 6144000]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-03 92704]
"hpqSRMon"= []
"V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
""= []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-08-23 887976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Creative Live! Cam Manager"=C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2007-06-07 155648]
"CreativeTaskScheduler"=C:\Program Files\Creative\Shared Files\CTSched.exe [2006-11-17 53341]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"PMCRemote"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ContentTransferWMDetector.exe]
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.4\ICQ.exe [2011-04-21 119608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-09-26 17353352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toolbar_eula_launcher]
C:\install\google\eula\EULALauncher.exe [2007-02-09 16896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Pinnacle Streaming Server.lnk]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\STRMSE~1\STRMSE~1.EXE [2008-03-25 603408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
forteManager.lnk - C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-05 08:37:45 ----D---- C:\Windows\pss
2011-11-04 21:56:15 ----D---- C:\Program Files\trend micro
2011-11-04 21:56:03 ----D---- C:\rsit
2011-11-04 21:39:32 ----D---- C:\Users\Bartosi\AppData\Roaming\ESET
2011-11-04 21:33:49 ----D---- C:\ProgramData\ESET
2011-11-04 21:33:49 ----D---- C:\Program Files\ESET
2011-11-04 20:42:58 ----D---- C:\Program Files\CCleaner
2011-10-18 14:09:09 ----D---- C:\ProgramData\AVG2012
2011-10-17 14:12:21 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-17 14:12:20 ----A---- C:\Windows\system32\ieui.dll
2011-10-17 14:12:20 ----A---- C:\Windows\system32\iertutil.dll
2011-10-17 14:12:19 ----A---- C:\Windows\system32\wininet.dll
2011-10-17 14:12:19 ----A---- C:\Windows\system32\jscript.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\urlmon.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-17 14:12:18 ----A---- C:\Windows\system32\jscript9.dll
2011-10-17 14:12:17 ----A---- C:\Windows\system32\url.dll
2011-10-17 14:12:17 ----A---- C:\Windows\system32\ieframe.dll
2011-10-17 14:12:16 ----A---- C:\Windows\system32\mshtml.dll
2011-10-16 06:50:58 ----D---- C:\734c21ad26daaac72ee8d870
2011-10-14 18:13:41 ----D---- C:\ProgramData\Codemasters
2011-10-14 18:08:12 ----A---- C:\Windows\system32\rapture3d_oal.dll
2011-10-14 18:08:12 ----A---- C:\Windows\system32\mkl_blueripple.dll
2011-10-14 18:08:10 ----D---- C:\Program Files\BRS
2011-10-14 18:06:27 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-10-14 18:06:26 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-10-14 18:05:38 ----D---- C:\Windows\system32\xlive
2011-10-14 18:05:19 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-10-14 17:31:21 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-10-14 17:31:21 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-10-14 17:31:20 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-10-14 16:13:33 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-14 16:13:30 ----A---- C:\Windows\system32\win32k.sys
2011-10-14 15:21:08 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-10-14 15:21:08 ----A---- C:\Windows\system32\oleacc.dll
2011-10-14 15:21:07 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-14 15:21:07 ----A---- C:\Windows\system32\oleaccrc.dll

======List of files/folders modified in the last 1 month======

2011-11-05 20:29:55 ----D---- C:\Windows\Temp
2011-11-05 19:52:19 ----D---- C:\Windows\System32
2011-11-05 19:52:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-05 19:52:18 ----D---- C:\Windows\inf
2011-11-05 19:52:05 ----SHD---- C:\System Volume Information
2011-11-05 19:48:19 ----D---- C:\Windows
2011-11-05 13:39:50 ----D---- C:\Program Files\Mozilla Firefox
2011-11-05 13:05:26 ----SHD---- C:\Windows\Installer
2011-11-05 13:05:26 ----D---- C:\Program Files\Ask.com
2011-11-05 13:05:24 ----D---- C:\Windows\system32\Tasks
2011-11-05 13:00:49 ----D---- C:\Program Files\Common Files
2011-11-05 12:54:33 ----SD---- C:\Windows\Downloaded Program Files
2011-11-05 12:54:32 ----D---- C:\Program Files\QuickTime
2011-11-05 12:16:47 ----D---- C:\Windows\system32\catroot2
2011-11-05 11:35:32 ----RD---- C:\Program Files
2011-11-05 11:31:13 ----AD---- C:\ProgramData\TEMP
2011-11-05 11:30:22 ----HD---- C:\ProgramData
2011-11-05 11:27:14 ----D---- C:\Program Files\Red Storm Entertainment
2011-11-05 10:52:53 ----D---- C:\Users\Bartosi\AppData\Roaming\Winamp
2011-11-05 10:39:06 ----D---- C:\Users\Bartosi\AppData\Roaming\Skype
2011-11-05 10:38:56 ----D---- C:\Windows\Panther
2011-11-05 10:38:55 ----D---- C:\Windows\Minidump
2011-11-05 10:38:55 ----D---- C:\Windows\Logs
2011-11-05 10:38:55 ----D---- C:\Windows\Debug
2011-11-05 09:47:55 ----D---- C:\Windows\system32\drivers
2011-11-05 09:47:53 ----D---- C:\ProgramData\Norton
2011-11-05 09:47:29 ----D---- C:\Program Files\NortonInstaller
2011-11-05 08:27:31 ----D---- C:\Windows\Tasks
2011-11-05 08:25:29 ----SD---- C:\Windows\system32\Microsoft
2011-11-05 08:17:10 ----D---- C:\Windows\Prefetch
2011-11-04 21:35:33 ----D---- C:\Windows\system32\catroot
2011-11-04 20:43:39 ----D---- C:\ProgramData\MFAData
2011-11-04 20:38:33 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-04 20:38:31 ----D---- C:\Windows\winsxs
2011-10-27 18:24:48 ----D---- C:\Windows\system32\config
2011-10-27 18:24:42 ----D---- C:\Windows\system32\spool
2011-10-27 18:24:42 ----D---- C:\Windows\system32\Msdtc
2011-10-27 18:24:42 ----D---- C:\Program Files\WinRAR
2011-10-27 18:24:41 ----D---- C:\Windows\system32\wbem
2011-10-27 18:24:41 ----D---- C:\Windows\registration
2011-10-27 18:24:39 ----D---- C:\ProgramData\Real
2011-10-27 17:33:52 ----D---- C:\Program Files\Real
2011-10-27 17:33:21 ----A---- C:\Windows\system32\rmoc3260.dll
2011-10-27 17:32:05 ----A---- C:\Windows\system32\pndx5032.dll
2011-10-27 17:32:05 ----A---- C:\Windows\system32\pndx5016.dll
2011-10-27 17:31:40 ----A---- C:\Windows\system32\msvcr71.dll
2011-10-27 17:31:39 ----A---- C:\Windows\system32\msvcp71.dll
2011-10-18 16:49:23 ----D---- C:\Users\Bartosi\AppData\Roaming\Vso
2011-10-17 14:35:54 ----D---- C:\Windows\system32\migration
2011-10-17 14:35:54 ----D---- C:\Program Files\Internet Explorer
2011-10-17 14:25:14 ----D---- C:\Windows\Microsoft.NET
2011-10-17 14:25:10 ----RSD---- C:\Windows\assembly
2011-10-17 14:13:43 ----A---- C:\Windows\system32\mrt.exe
2011-10-17 14:10:05 ----D---- C:\ProgramData\Microsoft Help
2011-10-17 14:08:20 ----D---- C:\Program Files\Windows Mail
2011-10-14 19:13:53 ----D---- C:\Program Files\Codemasters
2011-10-14 18:08:04 ----A---- C:\Windows\system32\wrap_oal.dll
2011-10-14 18:08:04 ----A---- C:\Windows\system32\OpenAL32.dll
2011-10-14 18:04:50 ----D---- C:\Program Files\Common Files\microsoft shared
2011-10-14 17:42:55 ----SD---- C:\ProgramData\Microsoft
2011-10-14 16:46:08 ----D---- C:\Windows\rescache
2011-10-14 16:25:37 ----D---- C:\Windows\system32\cs-CZ
2011-10-09 06:46:17 ----RD---- C:\Program Files\Skype
2011-10-09 06:46:16 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\Windows\System32\drivers\sfsync04.sys [2006-08-11 59776]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-10 721904]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-05-14 38240]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-20 2143136]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-03 7460320]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-10-16 47360]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S3 a66fhtzi;a66fhtzi; C:\Windows\system32\drivers\a66fhtzi.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 LGDDCDevice;LGDDCDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys [2007-12-24 14336]
S3 LGII2CDevice;LGII2CDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys [2007-12-24 13312]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2008-03-25 444800]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 UDST7000BDA;TechniSat UDST7000BDA DVB-T/DVB-C Combo; C:\Windows\System32\Drivers\UDST7000BDA.sys [2009-06-15 428048]
S3 UDST7000HID;TechniSat - HID Driver; C:\Windows\system32\drivers\UDST7000HID.sys [2009-06-15 23568]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 V0420VID;Live! Cam Vista IM (VF0420); C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NSL;Norton Safe Web Lite; C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe [2010-05-23 126904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-03 118784]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
S4 gupdate1ca1ab848388abb;Služba Google Update (gupdate1ca1ab848388abb); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-24 182768]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]

-----------------EOF-----------------
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#8 Příspěvek od sobtik »

Tady je to OTL. Tady je ten vysledek toho Virus total
http://www.virustotal.com/file-scan/rep ... 1320525306




OTL logfile created on: 5.11.2011 20:50:39 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bartosi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,76% Memory free
4,24 Gb Paging File | 3,25 Gb Available in Paging File | 76,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 457,94 Gb Total Space | 110,97 Gb Free Space | 24,23% Space Free | Partition Type: NTFS
Drive F: | 465,75 Gb Total Space | 6,84 Gb Free Space | 1,47% Space Free | Partition Type: NTFS

Computer Name: BARTOSI-PC | User Name: Bartosi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.11.05 20:45:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bartosi\Desktop\OTL.exe
PRC - [2011.08.23 21:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2010.05.23 06:39:05 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe
PRC - [2009.05.14 15:47:54 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009.05.14 15:47:08 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.05.20 17:06:00 | 006,144,000 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.12.24 19:32:36 | 001,064,960 | ---- | M] () -- C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
PRC - [2007.06.07 13:01:38 | 000,155,648 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
PRC - [2007.04.30 02:00:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0420Mon.exe
PRC - [2006.11.17 10:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTSched.exe


========== Modules (No Company Name) ==========

MOD - [2009.08.16 16:06:04 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007.12.24 19:32:50 | 000,065,536 | ---- | M] () -- C:\Program Files\LG Soft India\forteManager\bin\MonitorEngRes.dll
MOD - [2007.12.24 19:32:36 | 001,064,960 | ---- | M] () -- C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
MOD - [2007.12.24 19:32:12 | 000,032,768 | ---- | M] () -- C:\Program Files\LG Soft India\forteManager\bin\ContextMenu.dll
MOD - [2007.12.24 19:32:10 | 000,090,112 | ---- | M] () -- C:\Program Files\LG Soft India\forteManager\bin\ACRHook.dll
MOD - [2007.12.24 19:32:08 | 000,131,072 | ---- | M] () -- C:\Program Files\LG Soft India\forteManager\bin\ApplicationManager.dll
MOD - [2007.12.24 19:31:48 | 000,090,112 | ---- | M] () -- C:\Program Files\LG Soft India\forteManager\bin\ProtocolEngine.dll
MOD - [2007.12.24 19:31:42 | 000,147,456 | ---- | M] () -- C:\Program Files\LG Soft India\forteManager\bin\DeviceManager.dll
MOD - [2007.12.24 19:31:38 | 000,077,824 | ---- | M] () -- C:\Program Files\LG Soft India\forteManager\bin\ErrorHandler.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.05.23 06:39:05 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe -- (NSL)
SRV - [2009.05.14 15:54:22 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.05.14 15:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2010.03.15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2010.03.15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV - [2010.03.15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV - [2010.03.15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2010.03.15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV - [2010.03.15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV - [2010.03.15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009.08.10 18:14:10 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.06.15 13:56:48 | 000,023,568 | ---- | M] (TechniSat Digital S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UDST7000HID.sys -- (UDST7000HID)
DRV - [2009.06.15 13:56:47 | 000,428,048 | ---- | M] (TechniSat Digital S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UDST7000BDA.sys -- (UDST7000BDA)
DRV - [2009.05.14 15:49:32 | 000,038,240 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2009.05.14 15:49:26 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009.05.14 15:49:22 | 000,133,000 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2009.05.14 15:47:14 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.05.14 15:41:10 | 000,114,472 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2008.05.03 04:46:00 | 007,460,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.03.25 11:01:14 | 000,444,800 | ---- | M] (DiBcom) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dvb7700all.sys -- (mod7700)
DRV - [2007.12.24 19:31:38 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
DRV - [2007.12.24 19:31:38 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
DRV - [2007.05.31 02:32:34 | 000,099,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\V0420Vid.sys -- (V0420VID) Live! Cam Vista IM (VF0420)
DRV - [2006.10.18 12:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006.08.11 14:47:13 | 000,059,776 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.07.05 13:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006.06.14 15:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4060839138-207930932-163455722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
IE - HKU\S-1-5-21-4060839138-207930932-163455722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-4060839138-207930932-163455722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4060839138-207930932-163455722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4060839138-207930932-163455722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4060839138-207930932-163455722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4060839138-207930932-163455722-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-4060839138-207930932-163455722-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.3.0&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.100006
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: avg@igeared:7.005.030.004
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.2.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.3.1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.1
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.1.3
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bartosi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.1.8\coFFNST\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.10.27 17:33:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.07.30 09:23:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.05 13:39:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.05 08:49:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011.11.04 21:33:50 | 000,000,000 | ---D | M]

[2010.01.30 21:10:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Extensions
[2011.11.05 13:39:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions
[2010.11.28 17:17:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.09.27 20:28:54 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.10.20 19:05:46 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.10.18 14:30:29 | 000,000,000 | ---D | M] (České slovníky pro kontrolu pravopisu) -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\cs@dictionaries.addons.mozilla.org
[2011.11.05 13:07:23 | 000,002,401 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\askcom.xml
[2011.10.26 21:07:47 | 000,003,849 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\avg-secure-search.xml
[2011.03.26 12:11:26 | 000,002,050 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\firmycz.xml
[2011.10.31 15:59:35 | 000,000,950 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin-1.xml
[2011.06.21 17:13:35 | 000,000,950 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin-2.xml
[2011.06.22 20:25:21 | 000,000,950 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin-3.xml
[2011.08.18 19:51:40 | 000,000,950 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin-4.xml
[2011.08.19 18:33:34 | 000,000,950 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin-5.xml
[2011.08.20 17:44:42 | 000,000,950 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin-6.xml
[2011.09.03 22:16:08 | 000,000,950 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin-7.xml
[2011.09.28 20:18:18 | 000,000,950 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin-8.xml
[2011.09.25 16:27:46 | 000,000,168 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin.gif
[2011.09.25 16:27:46 | 000,000,618 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin.src
[2011.04.28 07:30:25 | 000,001,056 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\icqplugin.xml
[2011.03.26 12:11:26 | 000,002,045 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\mapycz.xml
[2011.03.26 12:11:27 | 000,002,211 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\searchplugins\zbocz.xml
[2011.10.09 06:46:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.10.09 06:46:27 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.09.03 22:09:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.09.03 22:09:25 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.10.27 17:33:36 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011.11.05 13:39:49 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.09.21 15:22:15 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npgcplug.dll
[2005.04.27 21:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2011.11.05 13:39:47 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.11.05 13:39:47 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.27 17:57:08 | 000,002,036 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011.11.05 13:39:47 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.11.05 13:39:47 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.11.05 13:39:47 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={4032 ... 2011-11-04 20:27:02&v=8.0.0.40&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/sea ... utEncoding}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Bartosi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Bartosi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: RealArcade Mozilla Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Bartosi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Users\Bartosi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Bartosi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: AVG Safe Search = C:\Users\Bartosi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1829_0\
CHR - Extension: Skype Click to Call = C:\Users\Bartosi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Bartosi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-4060839138-207930932-163455722-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4060839138-207930932-163455722-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-4060839138-207930932-163455722-1000\..\Toolbar\WebBrowser: (aTube Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4060839138-207930932-163455722-1000..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-4060839138-207930932-163455722-1000..\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-4060839138-207930932-163455722-1000..\Run: [PMCRemote] File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.152.40.4 10.152.40.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B276369E-77ED-4673-80D3-577671F7B15E}: DhcpNameServer = 10.152.40.4 10.152.40.5
O18 - Protocol\Handler\sacore - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Bartosi\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Bartosi\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.25 17:00:25 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.07.27 17:21:45 | 000,000,000 | ---D | M] - F:\autorun -- [ NTFS ]
O33 - MountPoints2\{511f5812-cb7d-11de-bfbb-001fc6dd4c1c}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Play.exe
O33 - MountPoints2\{cdb04e95-09d8-11e0-9f67-001fc6dd4c1c}\Shell - "" = AutoRun
O33 - MountPoints2\{cdb04e95-09d8-11e0-9f67-001fc6dd4c1c}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.mjpg - C:\Windows\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.11.05 20:44:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bartosi\Desktop\OTL.exe
[2011.11.05 12:49:28 | 000,000,000 | ---D | C] -- C:\Users\Bartosi\Desktop\backups
[2011.11.05 12:38:51 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Bartosi\Desktop\HijackThis.exe
[2011.11.05 12:17:10 | 000,000,000 | ---D | C] -- C:\Users\Bartosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011.11.05 08:37:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.11.05 08:16:27 | 000,000,000 | ---D | C] -- C:\Users\Bartosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2011.11.04 21:56:15 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.04 21:56:03 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.04 21:39:32 | 000,000,000 | ---D | C] -- C:\Users\Bartosi\AppData\Roaming\ESET
[2011.11.04 21:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011.11.04 21:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011.11.04 21:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.11.04 20:42:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.09.21 15:22:24 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2009.10.16 17:43:23 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Bartosi\AppData\Roaming\pcouffin.sys
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.11.05 20:52:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.05 20:45:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bartosi\Desktop\OTL.exe
[2011.11.05 20:37:15 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.05 19:52:19 | 000,644,388 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.11.05 19:52:19 | 000,634,202 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.05 19:52:19 | 000,137,686 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.11.05 19:52:19 | 000,119,766 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.05 19:46:58 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.05 19:46:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.05 19:46:25 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.05 19:46:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.05 19:46:13 | 2146,557,952 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.05 12:38:52 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Bartosi\Desktop\HijackThis.exe
[2011.11.05 11:36:28 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011.11.04 21:50:21 | 000,781,383 | ---- | M] () -- C:\Users\Bartosi\Desktop\RSIT.exe
[2011.11.04 21:28:20 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.11.04 20:49:10 | 000,121,344 | ---- | M] () -- C:\Users\Bartosi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.02 16:42:12 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Bartosi.job
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.05 20:52:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.04 21:47:24 | 000,781,383 | ---- | C] () -- C:\Users\Bartosi\Desktop\RSIT.exe
[2011.11.04 21:28:20 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.06.03 12:25:39 | 000,000,000 | ---- | C] () -- C:\Users\Bartosi\AppData\Local\prvlcl.dat
[2011.05.28 19:19:29 | 000,001,940 | ---- | C] () -- C:\Users\Bartosi\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.12.31 10:10:54 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.07.25 15:18:03 | 000,182,272 | ---- | C] () -- C:\Windows\patchw32.dll
[2010.01.29 19:45:49 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.11.20 17:04:55 | 000,078,184 | ---- | C] () -- C:\Windows\hpqins05.dat
[2009.10.16 17:44:34 | 000,000,671 | ---- | C] () -- C:\Users\Bartosi\AppData\Roaming\vso_ts_preview.xml
[2009.10.16 17:43:23 | 000,087,608 | ---- | C] () -- C:\Users\Bartosi\AppData\Roaming\inst.exe
[2009.10.16 17:43:23 | 000,007,887 | ---- | C] () -- C:\Users\Bartosi\AppData\Roaming\pcouffin.cat
[2009.10.16 17:43:23 | 000,001,144 | ---- | C] () -- C:\Users\Bartosi\AppData\Roaming\pcouffin.inf
[2009.09.17 08:09:10 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.17 08:09:10 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.06.07 12:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2009.04.13 13:35:56 | 000,000,095 | ---- | C] () -- C:\Users\Bartosi\AppData\Local\fusioncache.dat
[2009.03.26 19:13:40 | 000,000,680 | ---- | C] () -- C:\Users\Bartosi\AppData\Local\d3d9caps.dat
[2009.03.26 17:12:29 | 000,201,488 | ---- | C] () -- C:\Windows\System32\MACD32.DLL
[2009.03.26 17:12:29 | 000,141,584 | ---- | C] () -- C:\Windows\System32\MAMC32.DLL
[2009.03.26 17:12:29 | 000,063,248 | ---- | C] () -- C:\Windows\System32\MASD32.DLL
[2008.12.27 17:37:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.11.17 18:36:20 | 000,000,632 | ---- | C] () -- C:\Windows\CoD.INI
[2008.11.16 17:54:43 | 000,000,264 | ---- | C] () -- C:\Windows\game.ini
[2008.09.25 17:24:36 | 000,121,344 | ---- | C] () -- C:\Users\Bartosi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.25 17:16:42 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.09.25 16:48:49 | 000,175,843 | ---- | C] () -- C:\Windows\hpoins28.dat
[2008.09.15 08:00:21 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2008.09.15 07:59:57 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.01.21 07:46:38 | 000,644,388 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2008.01.21 07:46:38 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2008.01.21 07:46:38 | 000,137,686 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2008.01.21 07:46:38 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2007.12.13 01:01:47 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2007.08.23 17:55:34 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.01.26 01:04:12 | 000,144,144 | ---- | C] () -- C:\Windows\System32\MASE32.DLL
[2007.01.26 01:04:12 | 000,033,040 | ---- | C] () -- C:\Windows\System32\MA32.DLL
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,383,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,634,202 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,119,766 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.10.14 10:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005.10.14 10:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 10:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 10:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2003.09.30 10:47:47 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll

========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"Creative Live! Cam Manager" = "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" -- [2007.06.07 13:01:38 | 000,155,648 | ---- | M] (Creative Technology Ltd.)
"CreativeTaskScheduler" = "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon -- [2006.11.17 10:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"PMCRemote" =

< >


< MD5 for: ACPI.SYS >
[2006.11.02 10:51:30 | 000,255,592 | ---- | M] (Microsoft Corporation) MD5=192BDBD1540645C4A2AA69F24CCE197F -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_97916753\acpi.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\System32\drivers\acpi.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_62085e44\acpi.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6002.18005_none_24743d0fcb299a94\acpi.sys
[2008.01.21 03:23:00 | 000,266,808 | ---- | M] (Microsoft Corporation) MD5=FCB8C7210F0135E24C6580F7F649C73C -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_cae6072a\acpi.sys
[2008.01.21 03:23:00 | 000,266,808 | ---- | M] (Microsoft Corporation) MD5=FCB8C7210F0135E24C6580F7F649C73C -- C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_2288c403ce07cf48\acpi.sys

< MD5 for: AGP440.SYS >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 03:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CMD.EXE >
[2006.11.02 10:44:59 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=349CD4318E6E351C9BB72EE13B7CA807 -- C:\Windows\winsxs\x86_microsoft-windows-commandprompt_31bf3856ad364e35_6.0.6000.16386_none_88d604c11d71789b\cmd.exe
[2008.01.21 03:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) MD5=74F26FC01B180D4A99A168ED69C30A53 -- C:\Windows\System32\cmd.exe
[2008.01.21 03:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) MD5=74F26FC01B180D4A99A168ED69C30A53 -- C:\Windows\winsxs\x86_microsoft-windows-commandprompt_31bf3856ad364e35_6.0.6001.18000_none_8b0cc6bd1a5c896f\cmd.exe

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2008.01.21 03:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2008.01.21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008.01.21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009.04.11 05:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\System32\drivers\fastfat.sys
[2009.04.11 05:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6002.18005_none_b09ea48c5485f42b\fastfat.sys
[2008.01.21 03:24:13 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3C489390C2E2064563727752AF8EAB9E -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6001.18000_none_aeb32b80576428df\fastfat.sys

< MD5 for: HAL.DLL >
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: I8042PRT.SYS >
[2006.11.02 09:51:13 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1060F1377F395A242E27719440ECE602 -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\i8042prt.sys
[2006.11.02 09:51:13 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1060F1377F395A242E27719440ECE602 -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_3dfa3917\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1C9EE072BAA3ABB460B91D7EE9152660 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1C9EE072BAA3ABB460B91D7EE9152660 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\i8042prt.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\drivers\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\i8042prt.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_8b7c4328\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\i8042prt.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=BEA9838CD25D36BEBA3F94386A761D60 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=BEA9838CD25D36BEBA3F94386A761D60 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\i8042prt.sys

< MD5 for: IASTORV.SYS >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2006.11.02 10:49:57 | 000,032,872 | ---- | M] (Microsoft Corporation) MD5=1A48765F92BA1A88445FC25C9C9D94FC -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\System32\drivers\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\kbdclass.sys
[2008.01.21 03:09:47 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=B076B2AB806B3F696DAB21375389101C -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\kbdclass.sys
[2008.01.21 03:09:47 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=C9B0CF786D5F151A43C7BE8E243F2819 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\kbdclass.sys

< MD5 for: LSASS.EXE >
[2009.06.15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NTFS.SYS >
[2009.04.11 07:32:49 | 001,083,880 | ---- | M] (Společnost Microsoft) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009.04.11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008.01.21 03:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys

< MD5 for: NVRAID.SYS >
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
Naposledy upravil(a) sobtik dne 05 lis 2011 21:47, celkem upraveno 1 x.
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#9 Příspěvek od sobtik »

< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: REGEDIT.EXE >
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe

< MD5 for: SCECLI.DLL >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SERVICES.EXE >
[2008.01.21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SMSS.EXE >
[2008.01.21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009.04.11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008.01.21 03:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010.08.17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010.08.17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010.08.17 15:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010.08.17 14:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.09.15 07:55:25 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.09.15 07:55:25 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USER32.DLL >
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WIN32K.SYS >
[2010.10.18 15:01:21 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=041D6ADE410A2FAD7451DADA50B807AC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22778_none_b93974c5b3d5e6c3\win32k.sys
[2008.09.15 07:52:48 | 002,028,544 | ---- | M] (Microsoft Corporation) MD5=0FB1E39EE209B26B70A8C1E1A56D38DF -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20782_none_b7425913b6bceacf\win32k.sys
[2009.04.21 12:55:06 | 002,033,152 | ---- | M] (Microsoft Corporation) MD5=13D686DF9652E7A397B2C3DA89881C34 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18246_none_b8ce3f929aa1cbdc\win32k.sys
[2009.08.14 14:53:16 | 002,035,712 | ---- | M] (Microsoft Corporation) MD5=18406CE410C1A4394FE1A8246D10567F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18311_none_b8e9afca9a8df67d\win32k.sys
[2011.06.02 13:59:29 | 002,042,368 | ---- | M] (Microsoft Corporation) MD5=1AB81DE60826E31BCA3644C34C35006D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18653_none_b8c076609aac9064\win32k.sys
[2009.08.14 14:29:56 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=26AC4A647E67C7A7064309CBF1AAE3AC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22200_none_bb639005b0cab34a\win32k.sys
[2010.06.21 14:47:04 | 002,045,952 | ---- | M] (Microsoft Corporation) MD5=2AB7745E006D3692A6B758F9A97386A8 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22428_none_bb55f649b0d3b032\win32k.sys
[2010.12.31 14:59:47 | 002,048,000 | ---- | M] (Microsoft Corporation) MD5=2EE9A7A6563BEB2D325028BFA1639A94 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22560_none_bb22b62fb0fb5265\win32k.sys
[2009.02.09 03:54:45 | 002,033,664 | ---- | M] (Microsoft Corporation) MD5=33180D19BCCBF9CB6B96CE03BB613FD4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22372_none_b9336b71b3db5a1d\win32k.sys
[2010.10.18 14:31:24 | 002,038,272 | ---- | M] (Microsoft Corporation) MD5=4A2D1819212071B0AA0DD47DD6D2DC7B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18328_none_bacc597e97b61068\win32k.sys
[2011.06.02 14:12:16 | 002,051,584 | ---- | M] (Microsoft Corporation) MD5=4CD2681A8C7613567F5DFAE6EA4589C4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22653_none_bb3088dfb0f07fa0\win32k.sys
[2008.09.20 02:13:20 | 002,029,568 | ---- | M] (Microsoft Corporation) MD5=541DF3F03A378BDD96A917A4CB8C71A2 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20922_none_b7833c67b68c3d77\win32k.sys
[2010.08.31 15:33:39 | 002,046,464 | ---- | M] (Microsoft Corporation) MD5=5A259D684426F7DCBD6D435347955FF4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22478_none_bb1fe6adb0fc3be7\win32k.sys
[2008.09.15 07:52:48 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=5B1E0409A9A6C415543732F21B2B7CC6 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22125_none_b96c781fb3b0201f\win32k.sys
[2009.02.09 04:10:34 | 002,033,152 | ---- | M] (Microsoft Corporation) MD5=5CAE6E4513342909C7FDA4F83D85E958 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18211_none_b8e9ade49a8df956\win32k.sys
[2009.04.21 12:55:42 | 002,030,080 | ---- | M] (Microsoft Corporation) MD5=633B5887DC689EB3ECF2F0994F506F40 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21044_none_b76f7545b69adb49\win32k.sys
[2008.01.21 03:24:35 | 002,031,616 | ---- | M] (Microsoft Corporation) MD5=664FCB81B53ECC5A1ACB325D50EB11C0 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18000_none_b8f379ba9a86c9c0\win32k.sys
[2009.02.09 02:54:23 | 002,030,080 | ---- | M] (Microsoft Corporation) MD5=6730B1581BBE610596C322465229D8A2 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21006_none_b79cb589b6789e33\win32k.sys
[2009.02.09 02:59:26 | 002,028,032 | ---- | M] (Microsoft Corporation) MD5=68D3921F210FC146876B7815DF5BCC41 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16816_none_b70870b09d62e718\win32k.sys
[2010.05.01 14:53:49 | 002,036,224 | ---- | M] (Microsoft Corporation) MD5=6E78D8BB909579F9CBA6C8410C5C1697 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18468_none_b8baa41a9ab030ba\win32k.sys
[2008.09.15 07:52:48 | 002,027,008 | ---- | M] (Microsoft Corporation) MD5=6FF39E07708091C05FC748DB2DE833EA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16646_none_b6e7fd209d7b409d\win32k.sys
[2009.04.11 05:24:16 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=71C61AFCD453F3153B0EB4F988EE669D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18005_none_badef2c697a8950c\win32k.sys
[2011.06.02 13:59:32 | 002,042,880 | ---- | M] (Microsoft Corporation) MD5=7380515AC4AD02062931817CC226486D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22927_none_b96e87e3b3ae3c05\win32k.sys
[2010.12.31 14:24:31 | 002,039,296 | ---- | M] (Microsoft Corporation) MD5=7BE33568CBC736ACD18BF868CCFDD721 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22824_none_b96b851fb3b0f2d9\win32k.sys
[2010.12.31 14:25:17 | 002,038,784 | ---- | M] (Microsoft Corporation) MD5=7E2B88A06365DB40AB739E51DE750A1A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18573_none_b8aad4a29abccb1f\win32k.sys
[2009.08.14 14:27:17 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=8705038245789561EE714D12CC3368CE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18091_none_ba79a25297f52b29\win32k.sys
[2010.08.31 14:39:46 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=8B8F4094E0C58022F8CBA3D33E45E244 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18523_none_b8e0e43e9a943f6a\win32k.sys
[2008.09.20 02:21:50 | 002,033,152 | ---- | M] (Microsoft Corporation) MD5=8BE357305D4BBEC35DBBE7D5536EE8C9 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22271_none_b9326941b3dc439f\win32k.sys
[2008.09.15 07:52:48 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=8F2DA4DDC21250ABA9206352A1080299 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18027_none_b8e4dbe89a90b303\win32k.sys
[2010.05.01 21:27:32 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=92D62DCB0C488707CCDBC4044C62920C -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22682_none_b928a137b3e36d83\win32k.sys
[2008.09.18 03:16:28 | 002,032,640 | ---- | M] (Microsoft Corporation) MD5=9304DD0014438C06261994960E24418A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18145_none_b8cd3d629aa2b55e\win32k.sys
[2009.08.14 15:01:34 | 002,031,104 | ---- | M] (Microsoft Corporation) MD5=9352E049F234BFA756C840CD8BDF4FFE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16908_none_b71543169d58fafc\win32k.sys
[2010.06.21 14:18:15 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=A0F8D73E65CD93F90FE9410FB17CD154 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18496_none_b89833c29aca51df\win32k.sys
[2009.04.21 12:39:47 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=A1696D4E327DB3FC815DAE837DC3D8B8 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18023_none_bac7525a97ba9a40\win32k.sys
[2008.09.18 03:03:07 | 002,027,520 | ---- | M] (Microsoft Corporation) MD5=A90760D6F915CBB28E7F240668881BDE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16754_none_b6db2e869d852707\win32k.sys
[2011.03.03 13:53:48 | 002,040,832 | ---- | M] (Microsoft Corporation) MD5=A91142A46B8FC7CFBD22F78515756EF1 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18612_none_b8eab5c69a8d0749\win32k.sys
[2009.04.21 12:42:33 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=AB4D93D30AA6B51598ADAFB6AAAB5962 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22119_none_bb61c0cdb0cab623\win32k.sys
[2010.05.01 15:26:07 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=ABC44865039F3D6B055F7418A83802CC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22396_none_bb08445bb10e43f4\win32k.sys
[2011.06.02 14:34:49 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=AD40B88FEA23C51404C40948C3160285 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18475_none_ba934aea97e14d3f\win32k.sys
[2011.09.06 16:18:22 | 002,051,584 | ---- | M] (Microsoft Corporation) MD5=B2855D835DBB342F9B058012254DB767 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22711_none_bb59c9e1b0d1da55\win32k.sys
[2010.06.21 14:25:11 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=B39C0D9A2B67487FCCF50345E44F8125 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22716_none_b97853b9b3a70c6f\win32k.sys
[2011.03.03 14:25:11 | 002,041,856 | ---- | M] (Microsoft Corporation) MD5=BE9AC15503AD65C35D9EF649539C4E3F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18417_none_bad62b0697aed847\win32k.sys
[2010.08.31 14:27:38 | 002,038,272 | ---- | M] (Microsoft Corporation) MD5=C2F2451A71234D5CF5D0E6C6546FAC6D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18305_none_badef87897a88c81\win32k.sys
[2010.06.21 14:37:03 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=C803AEA1F4ED11CBBFFBEFF2FE78D463 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18275_none_ba93471e97e152f1\win32k.sys
[2010.08.31 14:38:10 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=CFDC1586D84A187D38512528F60CA7E5 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22754_none_b94b1375b3c94985\win32k.sys
[2009.08.14 14:46:38 | 002,036,224 | ---- | M] (Microsoft Corporation) MD5=D4F9530BB031E0BAEDBE08B21BE52ADD -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22497_none_b922cef1b3e70dd9\win32k.sys
[2009.04.21 14:26:36 | 002,034,176 | ---- | M] (Microsoft Corporation) MD5=D8882CAF965DCBDE4278C88842D0ACFE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22416_none_b9784e07b3a714fa\win32k.sys
[2010.05.01 15:13:48 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=DE14B77E9A30588F944163BD0911EDEA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18253_none_baa6e66297d2e861\win32k.sys
[2009.04.21 13:04:30 | 002,028,032 | ---- | M] (Microsoft Corporation) MD5=F0F292B8E028D69ACF49A9A78FBE4B78 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16849_none_b6eb01ca9d7886f0\win32k.sys
[2009.08.15 22:08:32 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=F140B984628DA0171AC67548A0515572 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21108_none_b79eb803b676ce08\win32k.sys
[2011.03.03 13:51:31 | 002,041,344 | ---- | M] (Microsoft Corporation) MD5=F56A9A30BA307D902C661A71B46F75F3 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22867_none_b943464db3ceaea2\win32k.sys
[2011.09.06 14:30:12 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=FC8AC0F6116A2454DEE43680494784E4 -- C:\Windows\System32\win32k.sys
[2011.09.06 14:30:12 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=FC8AC0F6116A2454DEE43680494784E4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18512_none_bad12b7a97b356bb\win32k.sys
[2011.03.03 16:19:03 | 002,050,560 | ---- | M] (Microsoft Corporation) MD5=FCDC7F76EB218887230BE86AC6EBAC9B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22601_none_bb6497e7b0c9c13d\win32k.sys
[2010.12.31 14:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) MD5=FD9B62599B3AD261D203040BC7DDEC65 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18365_none_ba9e18f097d93427\win32k.sys
[2010.10.18 16:02:01 | 002,046,976 | ---- | M] (Microsoft Corporation) MD5=FDFC6B42F398A78C490616EA9DE3BCF5 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22506_none_bb699773b0c542c9\win32k.sys
[2010.10.18 14:56:44 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=FEC8A2CE367AFB7D91ABC0B16478B171 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18539_none_b8dc160e9a96f365\win32k.sys

< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WINSRV.DLL >
[2009.04.11 07:28:25 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=40864DA48A14EBC68A0D6BFD08BA21EB -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18005_none_b86a0fae997700f7\winsrv.dll
[2011.06.17 16:19:45 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=54D17B3CF96B72929A61391E765D7D4C -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.22662_none_b8afd591b2c7ee25\winsrv.dll
[2011.04.20 16:55:29 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=5DF01708D214FDC0075AD197F1889557 -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18456_none_b83507f4999e9a9f\winsrv.dll
[2011.04.20 16:13:57 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=60B351541547DE0A483926AA825D1D1D -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.22628_none_b8e116fdb2a2166b\winsrv.dll
[2008.01.21 03:24:35 | 000,375,296 | ---- | M] (Microsoft Corporation) MD5=8B05FAF8603E6FDE90C5B103761CC3F6 -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.18000_none_b67e96a29c5535ab\winsrv.dll
[2011.06.17 17:03:18 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=9A7A3BC8DC7E7ECABA2478CED4C38CBD -- C:\Windows\System32\winsrv.dll
[2011.06.17 17:03:18 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=9A7A3BC8DC7E7ECABA2478CED4C38CBD -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18484_none_b812979c99b8bbc4\winsrv.dll
[2011.04.20 15:37:24 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=D1DE6323ADB727E9E9BFC0C4315A93E1 -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.22904_none_b70c43c5b56f2409\winsrv.dll
[2011.04.20 15:47:25 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=F42F8855CB5C22E203C6672B124F17FD -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.18638_none_b66634929c664320\winsrv.dll
< MD5 for: WS2_32.DLL >
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2007.10.20 17:21:50 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5mu.dll
[2006.11.02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2007.04.09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll
[2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
[2008.01.21 07:40:30 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2007.10.20 17:21:50 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\hpzpp5mu.dll
[2006.11.02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2007.04.09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\mdippr.dll
[2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
[2008.01.21 07:40:30 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2006.09.18 22:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006.09.18 22:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2008.01.21 03:23:51 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2008.09.25 17:22:18 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009.11.18 13:50:50 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009.01.09 15:43:21 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009.11.18 13:51:04 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.08.10 18:14:10 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /10 >
[2011.11.05 19:46:25 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.05 19:46:26 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.27 17:31:39 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp71.dll
[2011.10.27 17:31:40 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr71.dll
[2011.11.05 19:52:19 | 000,137,686 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.11.05 19:52:19 | 000,119,766 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.11.05 19:52:19 | 000,644,388 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.11.05 19:52:19 | 000,634,202 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.11.05 19:52:19 | 001,532,486 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2011.10.27 17:32:05 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\system32\pndx5016.dll
[2011.10.27 17:32:05 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\system32\pndx5032.dll
[2011.10.27 17:33:21 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\system32\rmoc3260.dll
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\system32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\system32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\system32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\system32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\system32\config\SYSTEM.SAV

< %systemroot%\Tasks\*.job >
[2011.11.05 19:46:58 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.11.05 20:37:15 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.11.02 16:42:12 | 000,000,442 | -H-- | M] () -- C:\Windows\Tasks\Norton Security Scan for Bartosi.job

< %systemroot%\*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2008.11.20 17:23:50 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\aAvgApi
[2011.04.03 17:16:52 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Adobe
[2009.09.13 15:15:39 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Ahead
[2011.08.05 20:24:26 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Apple Computer
[2009.09.08 16:18:43 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Capcom
[2009.12.24 10:50:28 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009.12.18 16:41:09 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Creative
[2011.05.06 07:47:57 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\CyberLink
[2011.09.02 12:55:15 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\DAEMON Tools Lite
[2011.09.02 12:55:15 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\DAEMON Tools Pro
[2010.06.04 15:05:31 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\DivX
[2011.11.04 21:39:32 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\ESET
[2011.09.03 13:04:29 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\GHISLER
[2011.07.10 17:50:51 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\go
[2008.11.20 14:00:51 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Google
[2009.06.07 11:16:24 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\HP
[2010.10.08 15:44:54 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\HpUpdate
[2011.07.19 20:13:56 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\ICQ
[2008.09.25 16:39:59 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Identities
[2008.09.26 16:52:42 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Macromedia
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Media Center Programs
[2011.05.06 07:53:50 | 000,000,000 | --SD | M] -- C:\Users\Bartosi\AppData\Roaming\Microsoft
[2010.01.30 21:10:50 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Mozilla
[2008.12.04 20:17:00 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\muvee Technologies
[2010.10.23 17:38:35 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\OpenCandy
[2010.09.20 19:05:11 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Real
[2010.11.29 19:27:37 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Registry Mechanic
[2011.11.05 10:39:06 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Skype
[2011.06.19 15:04:04 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\skypePM
[2010.12.17 15:33:08 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Sony
[2010.11.16 19:00:12 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Sony Corporation
[2009.09.08 15:45:43 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\TeamViewer
[2011.05.27 18:52:18 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Tific
[2011.10.18 16:49:23 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Vso
[2011.11.05 10:52:53 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Winamp
[2009.09.08 16:15:57 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\WinRAR
[2008.09.25 17:21:28 | 000,000,000 | ---D | M] -- C:\Users\Bartosi\AppData\Roaming\Zoner

< %APPDATA%\*.* >
[2009.10.16 17:43:23 | 000,087,608 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\inst.exe
[2009.10.16 17:43:23 | 000,007,887 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\pcouffin.cat
[2009.10.16 17:43:23 | 000,001,144 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\pcouffin.inf
[2009.10.16 17:44:03 | 000,000,034 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\pcouffin.log
[2009.10.16 17:43:23 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\Bartosi\AppData\Roaming\pcouffin.sys
[2011.10.18 16:49:21 | 000,000,671 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\vso_ts_preview.xml

< %APPDATA%\*.exe /s >
[2009.10.16 17:43:23 | 000,087,608 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\inst.exe
[2009.11.20 12:08:20 | 000,038,784 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.12.17 15:52:33 | 000,010,134 | R--- | M] () -- C:\Users\Bartosi\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
[2011.11.05 12:17:10 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Bartosi\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2009.09.03 15:30:06 | 000,057,344 | R--- | M] (Macrovision Corporation) -- C:\Users\Bartosi\AppData\Roaming\Microsoft\Installer\{894084B6-BC69-43B7-BF06-B93AECFEA520}\NewShortcut8_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe
[2010.10.23 17:38:36 | 000,349,296 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\OpenCandy\OpenCandy_92D2772ABF5544BAB3C0247103569723\DLMgr_3_1.6.87.exe
[2010.10.13 22:43:34 | 000,043,440 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\OpenCandy\OpenCandy_92D2772ABF5544BAB3C0247103569723\SpeedstarterCZ.exe
[2010.10.23 17:38:42 | 001,198,112 | ---- | M] () -- C:\Users\Bartosi\AppData\Roaming\OpenCandy\OpenCandy_92D2772ABF5544BAB3C0247103569723\zrychlenipocitace_oc1p1v1.exe
[2010.10.12 22:14:40 | 001,076,456 | ---- | M] (Speedchecker Limited ) -- C:\Users\Bartosi\AppData\Roaming\OpenCandy\OpenCandy_92D2772ABF5544BAB3C0247103569723\zrychlenipocitace_oc1_.exe
[2009.12.04 16:17:36 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bartosi\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2009.11.25 13:30:59 | 000,079,368 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bartosi\AppData\Roaming\Real\Update\setup3.09\RUP\vista.exe
[2010.06.29 15:28:58 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bartosi\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2010.11.14 07:54:51 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bartosi\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.10.21 14:47:33 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bartosi\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
[2011.10.21 17:48:05 | 025,881,552 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bartosi\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_data\RealPlayer.exe
[2011.10.21 17:47:45 | 000,684,288 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bartosi\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_exe\RealPlayer.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.11.05 13:39:49 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=4E5585800B561FBEF64B27425365A36F -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.05.18 05:59:13 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %ALLUSERSPROFILE%\Data Aplikací\Google\Chrome\Application\chrome.exe /md5 >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-05 18:52:25

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
"IGDSearcherDLL" = bitsigd.dll -- [2009.04.11 07:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation)
"StateIndex" = 1

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.05 20:52:05 | 000,000,512 | ---- | M] () MD5=5F970C9461C30772D07AA5C2A3718C24 -- C:\PhysicalMBR.bin

< bcdedit /v >C:\boot.txt /c >
Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device partition=C:
description Windows Boot Manager
locale cs-CZ
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
default {0879f346-82f4-11dd-b3e6-001fc6dd4c1c}
resumeobject {0879f347-82f4-11dd-b3e6-001fc6dd4c1c}
displayorder {0879f346-82f4-11dd-b3e6-001fc6dd4c1c}
toolsdisplayorder {b2721d73-1db4-4c62-bf78-c548a880142d}
timeout 30
resume No
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {0879f346-82f4-11dd-b3e6-001fc6dd4c1c}
device partition=C:
path \Windows\system32\winload.exe
description Microsoft Windows Vista
locale cs-CZ
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
recoverysequence {572bcd56-ffa7-11d9-aae0-0007e994107d}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {0879f347-82f4-11dd-b3e6-001fc6dd4c1c}
nx OptIn

< type C:\boot.txt >> test1.txt /c >

< >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" /v Windows /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\SUBSYSTEMS
WINDOWS REG_EXPAND_SZ %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:ECE4A64B
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#10 Příspěvek od sobtik »

21:40:30.0851 5920 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49
21:40:32.0853 5920 ============================================================
21:40:32.0854 5920 Current date / time: 2011/11/05 21:40:32.0853
21:40:32.0854 5920 SystemInfo:
21:40:32.0854 5920
21:40:32.0854 5920 OS Version: 6.0.6002 ServicePack: 2.0
21:40:32.0854 5920 Product type: Workstation
21:40:32.0854 5920 ComputerName: BARTOSI-PC
21:40:32.0854 5920 UserName: Bartosi
21:40:32.0854 5920 Windows directory: C:\Windows
21:40:32.0854 5920 System windows directory: C:\Windows
21:40:32.0854 5920 Processor architecture: Intel x86
21:40:32.0854 5920 Number of processors: 2
21:40:32.0854 5920 Page size: 0x1000
21:40:32.0854 5920 Boot type: Normal boot
21:40:32.0854 5920 ============================================================
21:40:40.0527 5920 Initialize success
21:41:48.0018 4212 ============================================================
21:41:48.0018 4212 Scan started
21:41:48.0018 4212 Mode: Manual; SigCheck; TDLFS;
21:41:48.0018 4212 ============================================================
21:41:48.0916 4212 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
21:41:49.0058 4212 ACPI - ok
21:41:49.0120 4212 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
21:41:49.0180 4212 adp94xx - ok
21:41:49.0206 4212 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
21:41:49.0238 4212 adpahci - ok
21:41:49.0260 4212 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
21:41:49.0285 4212 adpu160m - ok
21:41:49.0311 4212 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
21:41:49.0336 4212 adpu320 - ok
21:41:49.0385 4212 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
21:41:49.0507 4212 AFD - ok
21:41:49.0537 4212 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
21:41:49.0550 4212 agp440 - ok
21:41:49.0569 4212 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
21:41:49.0607 4212 aic78xx - ok
21:41:49.0630 4212 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
21:41:49.0665 4212 aliide - ok
21:41:49.0689 4212 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
21:41:49.0745 4212 amdagp - ok
21:41:49.0769 4212 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
21:41:49.0792 4212 amdide - ok
21:41:49.0815 4212 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
21:41:49.0932 4212 AmdK7 - ok
21:41:49.0957 4212 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
21:41:50.0010 4212 AmdK8 - ok
21:41:50.0062 4212 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
21:41:50.0099 4212 arc - ok
21:41:50.0126 4212 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
21:41:50.0163 4212 arcsas - ok
21:41:50.0235 4212 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
21:41:50.0311 4212 AsyncMac - ok
21:41:50.0354 4212 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
21:41:50.0368 4212 atapi - ok
21:41:50.0406 4212 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
21:41:50.0482 4212 Beep - ok
21:41:50.0524 4212 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
21:41:50.0611 4212 blbdrive - ok
21:41:50.0667 4212 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
21:41:50.0765 4212 bowser - ok
21:41:50.0787 4212 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
21:41:50.0877 4212 BrFiltLo - ok
21:41:50.0899 4212 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
21:41:50.0951 4212 BrFiltUp - ok
21:41:50.0984 4212 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
21:41:51.0110 4212 Brserid - ok
21:41:51.0130 4212 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
21:41:51.0210 4212 BrSerWdm - ok
21:41:51.0231 4212 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
21:41:51.0305 4212 BrUsbMdm - ok
21:41:51.0338 4212 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
21:41:51.0409 4212 BrUsbSer - ok
21:41:51.0443 4212 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
21:41:51.0530 4212 BTHMODEM - ok
21:41:51.0573 4212 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
21:41:51.0654 4212 cdfs - ok
21:41:51.0708 4212 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
21:41:51.0795 4212 cdrom - ok
21:41:51.0817 4212 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
21:41:51.0893 4212 circlass - ok
21:41:51.0939 4212 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
21:41:51.0954 4212 CLFS - ok
21:41:51.0991 4212 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
21:41:52.0014 4212 cmdide - ok
21:41:52.0033 4212 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
21:41:52.0044 4212 Compbatt - ok
21:41:52.0057 4212 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
21:41:52.0085 4212 crcdisk - ok
21:41:52.0104 4212 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
21:41:52.0148 4212 Crusoe - ok
21:41:52.0203 4212 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
21:41:52.0262 4212 DfsC - ok
21:41:52.0332 4212 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
21:41:52.0341 4212 disk - ok
21:41:52.0379 4212 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
21:41:52.0455 4212 Dot4 - ok
21:41:52.0491 4212 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:41:52.0577 4212 Dot4Print - ok
21:41:52.0607 4212 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
21:41:52.0673 4212 dot4usb - ok
21:41:52.0718 4212 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
21:41:52.0776 4212 drmkaud - ok
21:41:52.0833 4212 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
21:41:52.0863 4212 DXGKrnl - ok
21:41:52.0906 4212 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
21:41:52.0943 4212 E1G60 - ok
21:41:52.0959 4212 EagleXNt - ok
21:41:53.0008 4212 eamon (e31464ce787e3a0ffea55baa591897f0) C:\Windows\system32\DRIVERS\eamon.sys
21:41:53.0050 4212 eamon - ok
21:41:53.0114 4212 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
21:41:53.0134 4212 Ecache - ok
21:41:53.0182 4212 ehdrv (2c95a7a87e4272c1fff9baf579677db3) C:\Windows\system32\DRIVERS\ehdrv.sys
21:41:53.0217 4212 ehdrv - ok
21:41:53.0266 4212 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
21:41:53.0297 4212 elxstor - ok
21:41:53.0355 4212 epfw (c2c9a92b560a775c65b89e78dcb6951a) C:\Windows\system32\DRIVERS\epfw.sys
21:41:53.0366 4212 epfw - ok
21:41:53.0401 4212 Epfwndis (73fc7c4a5952b5493c6be2708d1538c0) C:\Windows\system32\DRIVERS\Epfwndis.sys
21:41:53.0435 4212 Epfwndis - ok
21:41:53.0464 4212 epfwwfp (5211fb96523e6c1aee19d6fb4d57ce25) C:\Windows\system32\DRIVERS\epfwwfp.sys
21:41:53.0473 4212 epfwwfp - ok
21:41:53.0497 4212 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
21:41:53.0544 4212 ErrDev - ok
21:41:53.0600 4212 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
21:41:53.0670 4212 exfat - ok
21:41:53.0706 4212 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
21:41:53.0772 4212 fastfat - ok
21:41:53.0870 4212 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
21:41:53.0960 4212 fdc - ok
21:41:53.0981 4212 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
21:41:53.0994 4212 FileInfo - ok
21:41:54.0012 4212 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
21:41:54.0079 4212 Filetrace - ok
21:41:54.0111 4212 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
21:41:54.0166 4212 flpydisk - ok
21:41:54.0189 4212 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
21:41:54.0229 4212 FltMgr - ok
21:41:54.0270 4212 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
21:41:54.0322 4212 Fs_Rec - ok
21:41:54.0341 4212 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
21:41:54.0349 4212 gagp30kx - ok
21:41:54.0377 4212 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:41:54.0387 4212 GEARAspiWDM - ok
21:41:54.0454 4212 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:41:54.0510 4212 HDAudBus - ok
21:41:54.0529 4212 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
21:41:54.0610 4212 HidBth - ok
21:41:54.0633 4212 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
21:41:54.0682 4212 HidIr - ok
21:41:54.0724 4212 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
21:41:54.0754 4212 HidUsb - ok
21:41:54.0777 4212 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
21:41:54.0786 4212 HpCISSs - ok
21:41:54.0824 4212 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
21:41:54.0865 4212 HTTP - ok
21:41:54.0892 4212 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
21:41:54.0927 4212 i2omp - ok
21:41:54.0963 4212 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
21:41:55.0012 4212 i8042prt - ok
21:41:55.0042 4212 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
21:41:55.0056 4212 iaStorV - ok
21:41:55.0076 4212 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
21:41:55.0085 4212 iirsp - ok
21:41:55.0164 4212 IntcAzAudAddService (58628f232a00a3149d7cc7708c521499) C:\Windows\system32\drivers\RTKVHDA.sys
21:41:55.0273 4212 IntcAzAudAddService - ok
21:41:55.0290 4212 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
21:41:55.0326 4212 intelide - ok
21:41:55.0343 4212 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
21:41:55.0408 4212 intelppm - ok
21:41:55.0441 4212 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:41:55.0508 4212 IpFilterDriver - ok
21:41:55.0528 4212 IpInIp - ok
21:41:55.0550 4212 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
21:41:55.0614 4212 IPMIDRV - ok
21:41:55.0637 4212 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
21:41:55.0687 4212 IPNAT - ok
21:41:55.0735 4212 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
21:41:55.0770 4212 IRENUM - ok
21:41:55.0794 4212 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
21:41:55.0803 4212 isapnp - ok
21:41:55.0845 4212 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
21:41:55.0872 4212 iScsiPrt - ok
21:41:55.0890 4212 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
21:41:55.0926 4212 iteatapi - ok
21:41:55.0946 4212 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
21:41:55.0982 4212 iteraid - ok
21:41:55.0996 4212 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:41:56.0033 4212 kbdclass - ok
21:41:56.0052 4212 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
21:41:56.0095 4212 kbdhid - ok
21:41:56.0142 4212 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
21:41:56.0166 4212 KSecDD - ok
21:41:56.0238 4212 LGDDCDevice (94b28885a72e127374cb113d13163b68) C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys
21:41:56.0275 4212 LGDDCDevice ( UnsignedFile.Multi.Generic ) - warning
21:41:56.0275 4212 LGDDCDevice - detected UnsignedFile.Multi.Generic (1)
21:41:56.0294 4212 LGII2CDevice (acc40c79ab2b7d3ec2c82b88f6dc17a0) C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys
21:41:56.0381 4212 LGII2CDevice ( UnsignedFile.Multi.Generic ) - warning
21:41:56.0381 4212 LGII2CDevice - detected UnsignedFile.Multi.Generic (1)
21:41:56.0403 4212 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
21:41:56.0438 4212 lltdio - ok
21:41:56.0465 4212 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
21:41:56.0489 4212 LSI_FC - ok
21:41:56.0520 4212 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
21:41:56.0545 4212 LSI_SAS - ok
21:41:56.0577 4212 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
21:41:56.0602 4212 LSI_SCSI - ok
21:41:56.0622 4212 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
21:41:56.0674 4212 luafv - ok
21:41:56.0703 4212 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
21:41:56.0727 4212 megasas - ok
21:41:56.0762 4212 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
21:41:56.0929 4212 MegaSR - ok
21:41:56.0989 4212 mod7700 (cca3c610519e98e9eb99ce137f7a4105) C:\Windows\system32\Drivers\dvb7700all.sys
21:41:57.0077 4212 mod7700 - ok
21:41:57.0098 4212 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
21:41:57.0168 4212 Modem - ok
21:41:57.0204 4212 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
21:41:57.0275 4212 monitor - ok
21:41:57.0307 4212 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
21:41:57.0320 4212 mouclass - ok
21:41:57.0334 4212 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
21:41:57.0383 4212 mouhid - ok
21:41:57.0405 4212 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
21:41:57.0441 4212 MountMgr - ok
21:41:57.0469 4212 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
21:41:57.0507 4212 mpio - ok
21:41:57.0530 4212 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
21:41:57.0636 4212 mpsdrv - ok
21:41:57.0671 4212 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
21:41:57.0694 4212 Mraid35x - ok
21:41:57.0735 4212 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
21:41:57.0759 4212 MRxDAV - ok
21:41:57.0797 4212 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:41:57.0817 4212 mrxsmb - ok
21:41:57.0853 4212 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:41:57.0884 4212 mrxsmb10 - ok
21:41:57.0908 4212 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:41:57.0952 4212 mrxsmb20 - ok
21:41:57.0978 4212 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
21:41:58.0000 4212 msahci - ok
21:41:58.0034 4212 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
21:41:58.0059 4212 msdsm - ok
21:41:58.0085 4212 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
21:41:58.0138 4212 Msfs - ok
21:41:58.0170 4212 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
21:41:58.0192 4212 msisadrv - ok
21:41:58.0226 4212 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
21:41:58.0282 4212 MSKSSRV - ok
21:41:58.0342 4212 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
21:41:58.0387 4212 MSPCLOCK - ok
21:41:58.0412 4212 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
21:41:58.0456 4212 MSPQM - ok
21:41:58.0493 4212 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
21:41:58.0513 4212 MsRPC - ok
21:41:58.0526 4212 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
21:41:58.0539 4212 mssmbios - ok
21:41:58.0558 4212 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
21:41:58.0624 4212 MSTEE - ok
21:41:58.0648 4212 MTsensor (dcdaab8697a47894a554050ce18d0b56) C:\Windows\system32\DRIVERS\ASACPI.sys
21:41:58.0692 4212 MTsensor - ok
21:41:58.0700 4212 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
21:41:58.0738 4212 Mup - ok
21:41:58.0791 4212 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
21:41:58.0841 4212 NativeWifiP - ok
21:41:58.0944 4212 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
21:41:58.0995 4212 NDIS - ok
21:41:59.0013 4212 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
21:41:59.0077 4212 NdisTapi - ok
21:41:59.0104 4212 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
21:41:59.0172 4212 Ndisuio - ok
21:41:59.0210 4212 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
21:41:59.0277 4212 NdisWan - ok
21:41:59.0296 4212 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
21:41:59.0372 4212 NDProxy - ok
21:41:59.0397 4212 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
21:41:59.0450 4212 NetBIOS - ok
21:41:59.0483 4212 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
21:41:59.0516 4212 netbt - ok
21:41:59.0540 4212 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
21:41:59.0563 4212 nfrd960 - ok
21:41:59.0586 4212 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
21:41:59.0619 4212 Npfs - ok
21:41:59.0646 4212 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
21:41:59.0700 4212 nsiproxy - ok
21:41:59.0769 4212 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
21:41:59.0845 4212 Ntfs - ok
21:41:59.0864 4212 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
21:41:59.0928 4212 ntrigdigi - ok
21:41:59.0953 4212 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
21:42:00.0005 4212 Null - ok
21:42:00.0183 4212 nvlddmkm (69d60d2ecd43d0f9f3accc16926e9128) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:42:00.0478 4212 nvlddmkm - ok
21:42:00.0580 4212 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
21:42:00.0594 4212 nvraid - ok
21:42:00.0618 4212 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
21:42:00.0631 4212 nvstor - ok
21:42:00.0675 4212 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
21:42:00.0734 4212 nv_agp - ok
21:42:00.0749 4212 NwlnkFlt - ok
21:42:00.0759 4212 NwlnkFwd - ok
21:42:00.0796 4212 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
21:42:00.0843 4212 ohci1394 - ok
21:42:00.0879 4212 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
21:42:00.0968 4212 Parport - ok
21:42:01.0001 4212 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
21:42:01.0027 4212 partmgr - ok
21:42:01.0050 4212 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
21:42:01.0117 4212 Parvdm - ok
21:42:01.0161 4212 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
21:42:01.0172 4212 pci - ok
21:42:01.0188 4212 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
21:42:01.0212 4212 pciide - ok
21:42:01.0239 4212 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
21:42:01.0265 4212 pcmcia - ok
21:42:01.0319 4212 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
21:42:01.0391 4212 pcouffin - ok
21:42:01.0437 4212 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
21:42:01.0522 4212 PEAUTH - ok
21:42:01.0568 4212 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
21:42:01.0617 4212 PptpMiniport - ok
21:42:01.0632 4212 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
21:42:01.0677 4212 Processor - ok
21:42:01.0717 4212 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
21:42:01.0748 4212 PSched - ok
21:42:01.0776 4212 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
21:42:01.0783 4212 PxHelp20 - ok
21:42:01.0833 4212 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
21:42:01.0903 4212 ql2300 - ok
21:42:01.0929 4212 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
21:42:01.0938 4212 ql40xx - ok
21:42:01.0954 4212 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
21:42:02.0010 4212 QWAVEdrv - ok
21:42:02.0028 4212 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
21:42:02.0081 4212 RasAcd - ok
21:42:02.0112 4212 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:42:02.0172 4212 Rasl2tp - ok
21:42:02.0218 4212 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
21:42:02.0266 4212 RasPppoe - ok
21:42:02.0307 4212 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
21:42:02.0341 4212 RasSstp - ok
21:42:02.0381 4212 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
21:42:02.0424 4212 rdbss - ok
21:42:02.0444 4212 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:42:02.0511 4212 RDPCDD - ok
21:42:02.0541 4212 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
21:42:02.0575 4212 rdpdr - ok
21:42:02.0583 4212 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
21:42:02.0653 4212 RDPENCDD - ok
21:42:02.0677 4212 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
21:42:02.0720 4212 RDPWD - ok
21:42:02.0763 4212 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
21:42:02.0813 4212 rspndr - ok
21:42:02.0865 4212 s1039bus (d0eedc88876b20d42157cdcca3e647f3) C:\Windows\system32\DRIVERS\s1039bus.sys
21:42:02.0888 4212 s1039bus - ok
21:42:02.0924 4212 s1039mdfl (7b35091a7bb597c86262c589b0b57d06) C:\Windows\system32\DRIVERS\s1039mdfl.sys
21:42:02.0945 4212 s1039mdfl - ok
21:42:02.0967 4212 s1039mdm (4cb1ab13c9813cbf3e4c6406f8043ec2) C:\Windows\system32\DRIVERS\s1039mdm.sys
21:42:02.0990 4212 s1039mdm - ok
21:42:03.0020 4212 s1039mgmt (2649ca09585a7531126dcc116ad1f88c) C:\Windows\system32\DRIVERS\s1039mgmt.sys
21:42:03.0040 4212 s1039mgmt - ok
21:42:03.0084 4212 s1039nd5 (6d3f549efd6daedd7d12f3de2175053f) C:\Windows\system32\DRIVERS\s1039nd5.sys
21:42:03.0108 4212 s1039nd5 - ok
21:42:03.0131 4212 s1039obex (305e3e3aca0037af2e2c1b50a383c91b) C:\Windows\system32\DRIVERS\s1039obex.sys
21:42:03.0156 4212 s1039obex - ok
21:42:03.0196 4212 s1039unic (7dd02a58277c84c043442561589914f4) C:\Windows\system32\DRIVERS\s1039unic.sys
21:42:03.0213 4212 s1039unic - ok
21:42:03.0245 4212 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
21:42:03.0281 4212 sbp2port - ok
21:42:03.0312 4212 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:42:03.0403 4212 secdrv - ok
21:42:03.0444 4212 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
21:42:03.0517 4212 Serenum - ok
21:42:03.0563 4212 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
21:42:03.0632 4212 Serial - ok
21:42:03.0662 4212 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
21:42:03.0709 4212 sermouse - ok
21:42:03.0769 4212 sfdrv01a (4d0ce0fadca29e7da68ce597ac9010bd) C:\Windows\system32\drivers\sfdrv01a.sys
21:42:03.0808 4212 sfdrv01a - ok
21:42:03.0825 4212 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
21:42:03.0886 4212 sffdisk - ok
21:42:03.0915 4212 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
21:42:03.0987 4212 sffp_mmc - ok
21:42:04.0105 4212 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
21:42:04.0155 4212 sffp_sd - ok
21:42:04.0192 4212 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\Windows\system32\drivers\sfhlp02.sys
21:42:04.0213 4212 sfhlp02 - ok
21:42:04.0233 4212 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
21:42:04.0296 4212 sfloppy - ok
21:42:04.0319 4212 sfsync04 (c526ad307ff1900bc4c864f74553f762) C:\Windows\system32\drivers\sfsync04.sys
21:42:04.0341 4212 sfsync04 - ok
21:42:04.0380 4212 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
21:42:04.0417 4212 sisagp - ok
21:42:04.0441 4212 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
21:42:04.0472 4212 SiSRaid2 - ok
21:42:04.0502 4212 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
21:42:04.0556 4212 SiSRaid4 - ok
21:42:04.0605 4212 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
21:42:04.0622 4212 Smb - ok
21:42:04.0641 4212 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
21:42:04.0663 4212 spldr - ok
21:42:04.0715 4212 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys
21:42:04.0733 4212 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
21:42:04.0734 4212 sptd ( LockedFile.Multi.Generic ) - warning
21:42:04.0734 4212 sptd - detected LockedFile.Multi.Generic (1)
21:42:04.0767 4212 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
21:42:04.0844 4212 srv - ok
21:42:04.0889 4212 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
21:42:04.0917 4212 srv2 - ok
21:42:04.0942 4212 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
21:42:04.0974 4212 srvnet - ok
21:42:05.0019 4212 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
21:42:05.0033 4212 swenum - ok
21:42:05.0056 4212 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
21:42:05.0097 4212 Symc8xx - ok
21:42:05.0148 4212 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
21:42:05.0161 4212 Sym_hi - ok
21:42:05.0190 4212 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
21:42:05.0202 4212 Sym_u3 - ok
21:42:05.0267 4212 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
21:42:05.0315 4212 Tcpip - ok
21:42:05.0340 4212 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
21:42:05.0380 4212 Tcpip6 - ok
21:42:05.0419 4212 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
21:42:05.0471 4212 tcpipreg - ok
21:42:05.0497 4212 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
21:42:05.0568 4212 TDPIPE - ok
21:42:05.0598 4212 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
21:42:05.0646 4212 TDTCP - ok
21:42:05.0689 4212 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
21:42:05.0749 4212 tdx - ok
21:42:05.0789 4212 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
21:42:05.0804 4212 TermDD - ok
21:42:05.0836 4212 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:42:05.0887 4212 tssecsrv - ok
21:42:05.0922 4212 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
21:42:05.0966 4212 tunmp - ok
21:42:06.0009 4212 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
21:42:06.0065 4212 tunnel - ok
21:42:06.0093 4212 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
21:42:06.0118 4212 uagp35 - ok
21:42:06.0156 4212 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
21:42:06.0189 4212 udfs - ok
21:42:06.0248 4212 UDST7000BDA (131804c439558ddf31189ecd286001f4) C:\Windows\system32\Drivers\UDST7000BDA.sys
21:42:06.0272 4212 UDST7000BDA - ok
21:42:06.0308 4212 UDST7000HID (4db92bafb75d0fc732e2319b8e65512a) C:\Windows\system32\drivers\UDST7000HID.sys
21:42:06.0341 4212 UDST7000HID - ok
21:42:06.0371 4212 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
21:42:06.0380 4212 uliagpkx - ok
21:42:06.0418 4212 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
21:42:06.0457 4212 uliahci - ok
21:42:06.0491 4212 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
21:42:06.0527 4212 UlSata - ok
21:42:06.0561 4212 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
21:42:06.0570 4212 ulsata2 - ok
21:42:06.0594 4212 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
21:42:06.0630 4212 umbus - ok
21:42:06.0687 4212 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
21:42:06.0718 4212 usbaudio - ok
21:42:06.0741 4212 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
21:42:06.0786 4212 usbccgp - ok
21:42:06.0812 4212 usbcir (47b9770ea21436de4ad5aea7926e0900) C:\Windows\system32\DRIVERS\usbcir.sys
21:42:06.0880 4212 usbcir - ok
21:42:06.0927 4212 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
21:42:06.0965 4212 usbehci - ok
21:42:07.0016 4212 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
21:42:07.0060 4212 usbhub - ok
21:42:07.0086 4212 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
21:42:07.0180 4212 usbohci - ok
21:42:07.0212 4212 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
21:42:07.0282 4212 usbprint - ok
21:42:07.0312 4212 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
21:42:07.0377 4212 usbscan - ok
21:42:07.0407 4212 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:42:07.0431 4212 USBSTOR - ok
21:42:07.0452 4212 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
21:42:07.0495 4212 usbuhci - ok
21:42:07.0558 4212 V0420VID (e579144c0bfa5720e1da5a7783058e9a) C:\Windows\system32\DRIVERS\V0420Vid.sys
21:42:07.0611 4212 V0420VID - ok
21:42:07.0634 4212 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
21:42:07.0688 4212 vga - ok
21:42:07.0705 4212 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
21:42:07.0769 4212 VgaSave - ok
21:42:07.0792 4212 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
21:42:07.0816 4212 viaagp - ok
21:42:07.0844 4212 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
21:42:07.0906 4212 ViaC7 - ok
21:42:07.0929 4212 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
21:42:07.0952 4212 viaide - ok
21:42:07.0965 4212 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
21:42:07.0987 4212 volmgr - ok
21:42:08.0020 4212 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
21:42:08.0049 4212 volmgrx - ok
21:42:08.0089 4212 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
21:42:08.0116 4212 volsnap - ok
21:42:08.0143 4212 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
21:42:08.0152 4212 vsmraid - ok
21:42:08.0184 4212 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
21:42:08.0234 4212 WacomPen - ok
21:42:08.0250 4212 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:42:08.0294 4212 Wanarp - ok
21:42:08.0308 4212 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:42:08.0325 4212 Wanarpv6 - ok
21:42:08.0346 4212 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
21:42:08.0369 4212 Wd - ok
21:42:08.0397 4212 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
21:42:08.0447 4212 Wdf01000 - ok
21:42:08.0494 4212 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
21:42:08.0538 4212 WmiAcpi - ok
21:42:08.0587 4212 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
21:42:08.0646 4212 WpdUsb - ok
21:42:08.0671 4212 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
21:42:08.0734 4212 ws2ifsl - ok
21:42:08.0805 4212 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
21:42:08.0904 4212 yukonwlh - ok
21:42:08.0951 4212 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:42:09.0080 4212 \Device\Harddisk0\DR0 - ok
21:42:09.0105 4212 Boot (0x1200) (16f56dc193176189fc62f9acc3b55f37) \Device\Harddisk0\DR0\Partition0
21:42:09.0118 4212 \Device\Harddisk0\DR0\Partition0 - ok
21:42:09.0125 4212 ============================================================
21:42:09.0125 4212 Scan finished
21:42:09.0125 4212 ============================================================
21:42:09.0135 3576 Detected object count: 3
21:42:09.0135 3576 Actual detected object count: 3
21:42:24.0297 3576 LGDDCDevice ( UnsignedFile.Multi.Generic ) - skipped by user
21:42:24.0297 3576 LGDDCDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:42:24.0298 3576 LGII2CDevice ( UnsignedFile.Multi.Generic ) - skipped by user
21:42:24.0299 3576 LGII2CDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:42:24.0302 3576 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:42:24.0303 3576 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:42:34.0411 5732 Deinitialize success
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#11 Příspěvek od sobtik »

Takze dávam soubor Extras a RSIT info. OS je pořád originální od dodáni PC a ještě nebyl přeinstalován. PC je staré tři roky a vytíženost trvá asi půl roku. PS se zlepšilo.

Exrats.

OTL Extras logfile created on: 5.11.2011 20:50:39 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bartosi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,76% Memory free
4,24 Gb Paging File | 3,25 Gb Available in Paging File | 76,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 457,94 Gb Total Space | 110,97 Gb Free Space | 24,23% Space Free | Partition Type: NTFS
Drive F: | 465,75 Gb Total Space | 6,84 Gb Free Space | 1,47% Space Free | Partition Type: NTFS

Computer Name: BARTOSI-PC | User Name: Bartosi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4060839138-207930932-163455722-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00DE19AB-1010-4DA4-9135-9B6803E6CFB4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{072D7A78-50C4-4774-BAC4-34705FBFC4DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{09955FB2-FC17-4A1C-91F0-B85A21A3AD1B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5D9663D3-DD1A-48B0-9CCC-29D8A7D8E490}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7A300762-D987-4039-88EF-D3622B8A3966}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8724C9A0-3124-4E0E-8518-4FE7CF200933}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B4925942-703A-48C0-9F59-8C94D477D7AA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B54B05F1-4E7F-4E42-8F21-3D1E90CF8A53}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EBBFEC20-2FB8-4B89-B3A1-6FE500FDC82C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023BD686-4D37-4C18-BD63-A3849CE949DC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{0C5F4702-AAC0-4201-9579-7EEA862A6579}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{0C860D6C-D400-49E4-98DD-757D6E4A793E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{0DBFF2C5-54A6-42A7-B848-7976D77915ED}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1208C091-F7CB-4C0B-9B02-55A7725245D7}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{1C303EE2-9049-4EA3-BB6F-FFDE670A3E67}" = protocol=17 | dir=in | app=c:\zabava\hry\frontline fuel of war\binaries\ffow.exe |
"{1E7ADAAB-6CA1-4725-AF3D-B8B3E1713471}" = protocol=6 | dir=in | app=c:\zabava\hry\frontline fuel of war\binaries\ffow.exe |
"{329B3CE5-ECD8-4DC1-9E3B-CFC4BECED541}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{3576E17C-4777-4A77-BA8D-B9F8E56571CC}" = protocol=17 | dir=in | app=c:\program files\pinnacle\shared files\programs\strmserver\strmserver.exe |
"{3D20E1B2-BAF1-469B-81C4-C9C47FD69708}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{4F9A7F40-CD45-438F-B016-EF4C37620381}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{5A8EB3B8-D413-4D9C-BBF0-A9F4750E91AA}" = protocol=6 | dir=in | app=c:\program files\pinnacle\shared files\programs\strmserver\strmserver.exe |
"{6AC69465-CD9B-4E48-ABC0-65B900786BCC}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\pmsregisterfile.exe |
"{7280445B-3FA8-4460-985B-6FB366E14729}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{73B3A3FD-AC04-46D5-9E19-342E64CC845E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{81857F54-2C59-4104-B064-448C224E5091}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{82743A98-0301-4B3E-935F-4081D54B2140}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{89E47E04-1CCB-4D46-8CBC-2F1B80865926}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{8B101D11-E489-4D91-AED9-FA2EDA7B9C0B}" = protocol=17 | dir=in | app=c:\program files\codemasters\f1 2011\f1_2011.exe |
"{8F1B9C51-DC8F-458E-A610-26A5D261125D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9113D980-5F0C-483C-8783-7A34F2C40E76}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{A84E52C0-8B97-451B-8BC0-4F299D8865BB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B0815E22-F103-4649-9ED2-830ADA6C2B7D}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{B6342022-F0DD-4651-B64D-B7CE33075AF5}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{B8D9C0D9-CBB5-4383-B179-7CB0CC4A81E3}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\pmsregisterfile.exe |
"{BDDAB6D4-BDAF-4301-8B8D-0C557E7B4318}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C1CD71C7-88FD-4DD6-9D04-9AB725FA5007}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{C8C95BFD-BC41-427E-9EDC-2395337FDCFC}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D1342582-E230-4906-8050-262AF8AA9E58}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{DC7959EB-1BB4-4E08-B129-81AF649095C5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DF09F19D-9360-4F49-9394-AC72E540BE71}" = protocol=6 | dir=in | app=c:\program files\codemasters\f1 2011\f1_2011.exe |
"{F0A3EBC1-4572-4BC7-99A3-E7DE775A9E32}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{194D54FF-0616-48F1-90FF-8D434A233EF1}C:\program files\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\program files\left 4 dead\left4dead.exe |
"TCP Query User{2E7077D1-650A-4DB2-845A-A036A3F834D7}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{3DF357EC-9A5F-448F-B3DC-1F0679D0D00E}C:\program files\sightspeed\sightspeed.exe" = protocol=6 | dir=in | app=c:\program files\sightspeed\sightspeed.exe |
"TCP Query User{64A1096B-2CBE-4F91-A345-94C907A8AB85}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{6F30743E-56DA-45D0-B64E-6623F80BF7C3}C:\program files\pinnacle\shared files\programs\strmserver\strmserver.exe" = protocol=6 | dir=in | app=c:\program files\pinnacle\shared files\programs\strmserver\strmserver.exe |
"TCP Query User{720CEA2D-AC83-4A31-A7F0-C5FA6ACBE0E2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{A0A366CF-76BA-48AD-8AE9-56CA7DF19A69}C:\zabava\hry\blacksite\binaries\blacksite.exe" = protocol=6 | dir=in | app=c:\zabava\hry\blacksite\binaries\blacksite.exe |
"TCP Query User{D66593C0-C66C-41F4-AFCE-705FC0A84BF7}C:\program files\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\program files\left 4 dead\left4dead.exe |
"TCP Query User{E122EE6A-3CE8-4C02-8F0D-2161945DE1A3}C:\program files\dreamcatcher\dungeon lords\dlords.exe" = protocol=6 | dir=in | app=c:\program files\dreamcatcher\dungeon lords\dlords.exe |
"TCP Query User{E2DFC614-37F5-40FE-9A07-C1496AE80502}C:\program files\pinnacle\videospin\programs\videospin.exe" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"TCP Query User{E5C2B252-DFAD-4C76-ABC6-97F314ECA994}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{E8F8D13B-79F3-416A-A30E-F70ED9483EE6}C:\program files\instinkt\instinct.exe" = protocol=6 | dir=in | app=c:\program files\instinkt\instinct.exe |
"TCP Query User{F13C7352-3815-4986-9D9A-34BEF717B6D9}C:\zabava\hry\blacksite\binaries\blacksite.exe" = protocol=6 | dir=in | app=c:\zabava\hry\blacksite\binaries\blacksite.exe |
"UDP Query User{038D74C3-CB68-4B0C-944D-D3E298B066D5}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{069D93C3-FAA5-4422-B6DB-85A4D64089C6}C:\program files\instinkt\instinct.exe" = protocol=17 | dir=in | app=c:\program files\instinkt\instinct.exe |
"UDP Query User{16EC8E6F-2EE4-49BE-B92A-F83E6D08850A}C:\program files\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\program files\left 4 dead\left4dead.exe |
"UDP Query User{1C5A8365-8200-4A2E-A8C0-36E726C336BE}C:\zabava\hry\blacksite\binaries\blacksite.exe" = protocol=17 | dir=in | app=c:\zabava\hry\blacksite\binaries\blacksite.exe |
"UDP Query User{36A47780-B376-477E-A305-3BA2E9986B93}C:\program files\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\program files\left 4 dead\left4dead.exe |
"UDP Query User{8AC4E029-4C9A-49D5-B1AF-FBF526BAA377}C:\program files\sightspeed\sightspeed.exe" = protocol=17 | dir=in | app=c:\program files\sightspeed\sightspeed.exe |
"UDP Query User{BBE61D27-6435-436A-82A2-D751297B1A21}C:\program files\pinnacle\shared files\programs\strmserver\strmserver.exe" = protocol=17 | dir=in | app=c:\program files\pinnacle\shared files\programs\strmserver\strmserver.exe |
"UDP Query User{BF25418C-1786-4330-9795-7B45D06128D0}C:\zabava\hry\blacksite\binaries\blacksite.exe" = protocol=17 | dir=in | app=c:\zabava\hry\blacksite\binaries\blacksite.exe |
"UDP Query User{C5937944-F178-4644-B614-8ECB9CF0E3F3}C:\program files\dreamcatcher\dungeon lords\dlords.exe" = protocol=17 | dir=in | app=c:\program files\dreamcatcher\dungeon lords\dlords.exe |
"UDP Query User{D3C185DF-ED45-4D74-AD6D-A9A5870717D6}C:\program files\pinnacle\videospin\programs\videospin.exe" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"UDP Query User{F3904790-163F-44A8-A621-92381B9C3DC3}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{F8BDB565-5F25-43BF-AF7D-24AAAF95ADE9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{FEF339E5-60F8-4942-BB8F-8D951736F3B3}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22FB6750-ADDF-4726-B67F-6901E1991029}" = Nero 7 Essentials
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{4EDB1CA5-983F-4FC3-A8E3-E34981E05A60}" = Pinnacle VideoSpin
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5AAA952E-B15E-47E0-94E4-DD6DC7B9C796}_is1" = Kobra 11 Nitro
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{62653245-3DC5-4019-AF6B-4E62D6150D9E}" = F4200_Help
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67DFCE0D-BBA9-43AC-90B3-548390ECE522}" = F4200
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.6.2.153
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{793FCE60-DE5E-4977-A942-A7B69A45B17D}" = MainConcept DTV Decoder Pro
"{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}" = Pinnacle DistanTV Server
"{8075BC83-7F8F-4FE0-9792-685723B06713}" = ESET Smart Security
"{8236D2E9-2528-4C5C-ABA3-E0B8B657A297}" = BlackSite Area 51
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92C7D009-A464-4948-A980-7A3E28CB2F49}" = Richard Burns Rally
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BCE7652D-28BA-448A-AC1A-E3BDCE532721}_is1" = Master Rallye
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C6AC04F5-5916-4A02-BC36-AF5BC0A3CBD4}" = Media Go
"{C711E88C-9DC2-4254-A989-D6E017844DDF}" = Frontlines: Fuel of War
"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C}" = Ultimate Spider-Man (TM)
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE9F9FBC-5253-46D2-9883-09E55003D794}" = TechniSat DVB-PC TV Star
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DF0EA7E8-3F3C-4453-9DA8-54BE739E4049}_is1" = Devastation
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E96FF910-1BC9-4EE5-BC12-0A30D4E20F37}" = NWZ-E440 WALKMAN Guide
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F41D7749-D973-42E7-BD80-64309766C39E}" = Dungeon Lords
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"aTube Catcher" = aTube Catcher
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Crash Time II/EN-English_is1" = Crash Time II
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Creative Live! Cam User's Guide" = Creative Live! Cam User's Guide
"Creative Photo Manager" = Creative Photo Manager
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0420" = Creative Live! Cam Vista IM Driver (1.00.03.0000)
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup" = DivX Setup
"DVBViewer TE2_is1" = DVBViewer TE2
"eMusic Promotion" = eMusic - 50 Free MP3 offer
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"hkSFV" = hkSFV (remove only)
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{1096C4FA-CC07-4BE1-B73F-77BDFF4916B8}" = Hard Truck 18 Wheels of Steel
"InstallShield_{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C}" = Ultimate Spider-Man (TM)
"Left 4 Dead" = Left 4 Dead
"LoomTV_is1" = LoomTV 0.95
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"NST" = Norton Safe Web Lite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"RealArcade 1.2" = RealArcade
"RealPlayer 12.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"SightSpeed" = SightSpeed (remove only)
"SysInfo" = Creative System Information
"Totalcmd" = Total Commander (Remove or Repair)
"USB downloader" = USB downloader
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
"Zoner Photo Map - ČR 1:100 000 - DEMO_is1" = Zoner Photo Map - ČR 1:100 000 - DEMO
"Zoner Photo Map - ČR 1:100 000_is1" = Zoner Photo Map - ČR 1:100 000
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4060839138-207930932-163455722-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21.4.2011 4:40:45 | Computer Name = Bartosi-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\real\realplayer\plugins\rmxrend.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.4.2011 4:40:45 | Computer Name = Bartosi-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\real\realplayer\plugins\rmxrend.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.4.2011 4:55:17 | Computer Name = Bartosi-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\real\realplayer\plugins\rmxrend.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.4.2011 4:55:38 | Computer Name = Bartosi-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\real\realplayer\plugins\rmxrend.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.4.2011 4:55:38 | Computer Name = Bartosi-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\real\realplayer\plugins\rmxrend.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.4.2011 11:37:37 | Computer Name = Bartosi-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\real\realplayer\plugins\rmxrend.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.4.2011 11:38:58 | Computer Name = Bartosi-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\real\realplayer\plugins\rmxrend.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.4.2011 11:39:21 | Computer Name = Bartosi-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\real\realplayer\plugins\rmxrend.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.4.2011 11:39:21 | Computer Name = Bartosi-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\real\realplayer\plugins\rmxrend.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 22.4.2011 10:42:32 | Computer Name = Bartosi-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 25.10.2011 8:45:24 | Computer Name = Bartosi-PC | Source = ehRecvr | ID = 4
Description =

Error - 25.10.2011 13:29:19 | Computer Name = Bartosi-PC | Source = ehRecvr | ID = 4
Description =

Error - 26.10.2011 9:43:59 | Computer Name = Bartosi-PC | Source = ehRecvr | ID = 4
Description =

Error - 27.10.2011 12:30:15 | Computer Name = Bartosi-PC | Source = ehRecvr | ID = 4
Description =

Error - 27.10.2011 13:12:18 | Computer Name = Bartosi-PC | Source = ehRecvr | ID = 4
Description =

Error - 27.10.2011 13:39:21 | Computer Name = Bartosi-PC | Source = ehRecvr | ID = 4
Description =

Error - 29.10.2011 9:19:13 | Computer Name = Bartosi-PC | Source = ehRecvr | ID = 4
Description =

Error - 31.10.2011 10:52:23 | Computer Name = Bartosi-PC | Source = ehRecvr | ID = 4
Description =

Error - 1.11.2011 10:03:20 | Computer Name = Bartosi-PC | Source = ehRecvr | ID = 4
Description =

Error - 2.11.2011 9:49:51 | Computer Name = Bartosi-PC | Source = ehRecvr | ID = 4
Description =

[ System Events ]
Error - 5.11.2011 3:56:53 | Computer Name = Bartosi-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 5.11.2011 3:56:53 | Computer Name = Bartosi-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 5.11.2011 4:43:21 | Computer Name = Bartosi-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 5.11.2011 4:43:21 | Computer Name = Bartosi-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 5.11.2011 5:24:22 | Computer Name = Bartosi-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 5.11.2011 5:44:08 | Computer Name = Bartosi-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 5.11.2011 5:44:23 | Computer Name = Bartosi-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 5.11.2011 5:44:23 | Computer Name = Bartosi-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 5.11.2011 8:02:32 | Computer Name = Bartosi-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 5.11.2011 14:47:53 | Computer Name = Bartosi-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >




RSIT.info

info.txt logfile of random's system information tool 1.09 2011-11-05 11:42:14

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->c:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->c:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->c:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->c:\Windows\UNNeroShowTime.exe /UNINSTALL
-->c:\Windows\UNNeroVision.exe /UNINSTALL
-->c:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EDB7E6-D292-44BD-8CA6-A3E33C9D7750}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Acrobat.com-->msiexec /qb /x {6421F085-1FAA-DE13-D02A-CFB412C522A4}
Acrobat.com-->MsiExec.exe /I{6421F085-1FAA-DE13-D02A-CFB412C522A4}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil11c_Plugin.exe -maintain plugin
Adobe Reader X (10.1.1) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
AGEIA PhysX v7.11.13-->MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Apple Application Support-->MsiExec.exe /I{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}
Apple Mobile Device Support-->MsiExec.exe /I{C23CD6DA-1958-43A5-ADD0-59396572E02E}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
aTube Catcher-->C:\Users\Bartosi\Desktop\aTube Catcher 2.0\uninstall.exe
BlackSite Area 51-->C:\Program Files\InstallShield Installation Information\{8236D2E9-2528-4C5C-ABA3-E0B8B657A297}\Setup.exe -runfromtemp -l0x0005 -removeonly
Bonjour-->MsiExec.exe /X{D03482C5-9AD8-496D-B388-692AE04C93AF}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Content Transfer-->MsiExec.exe /X{CFADE4AF-C0CF-4A04-A776-741318F1658F}
ConvertXtoDVD 3.6.2.153-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
Crash Time II-->"C:\Program Files\City Interactive\Crash Time II\unins000.exe"
Creative Live! Cam Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x9 /remove
Creative Live! Cam Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x9 /remove
Creative Live! Cam User's Guide-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EDB7E6-D292-44BD-8CA6-A3E33C9D7750}\setup.exe" -l0x9 /remove
Creative Live! Cam Vista IM Driver (1.00.03.0000)-->C:\Windows\CtDrvIns.exe -uninstall -script VF0420.uns -unsext NT -plugin V0420Pin.dll -pluginres CtCamPin.crl
Creative Photo Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x9 /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 /remove
Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Devastation-->"C:\Program Files\Devastation\unins000.exe"
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
Dungeon Lords-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F41D7749-D973-42E7-BD80-64309766C39E}\setup.exe" -l0x9 -removeonly
DVBViewer TE2-->"C:\Program Files\DVBViewer TE2\unins000.exe"
eMusic - 50 Free MP3 offer-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
F1 2011-->MsiExec.exe /I{434D0FA1-3E0C-4D03-A5D4-5E1000008100}
F1 2011-->MsiExec.exe /X{434D0FA1-3E0C-4D03-A5D4-5E1000008100}
FM Screen Capture Codec (Remove Only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\fmcodec.inf
forteManager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}\setup.exe" -l0x9 -removeonly
Frontlines: Fuel of War-->"C:\Program Files\InstallShield Installation Information\{C711E88C-9DC2-4254-A989-D6E017844DDF}\setup.exe" -runfromtemp -l0x0005 -removeonly
Google Chrome-->"C:\Program Files\Google\Chrome\Application\15.0.874.106\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_4E7D715D860E20E1.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hard Truck 18 Wheels of Steel-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1096C4FA-CC07-4BE1-B73F-77BDFF4916B8}
hkSFV (remove only)-->"C:\Program Files\hkSFV\uninst.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3-->C:\Program Files\HP\Digital Imaging\{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}\setup\hpzscr01.exe -datfile hposcr28.dat -onestop
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.4-->"C:\Program Files\InstallShield Installation Information\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
iTunes-->MsiExec.exe /I{C73CA646-73B3-4AEF-A136-C37505745174}
Kobra 11 Nitro-->"C:\Program Files\Kobra 11 Nitro\unins000.exe"
Left 4 Dead-->"C:\Windows\Left 4 Dead\uninstall.exe" "/U:C:\Program Files\Left 4 Dead\Uninstall\uninstall.xml"
LoomTV 0.95-->"C:\Program Files\LoomTV\unins000.exe"
MainConcept DTV Decoder Pro-->MsiExec.exe /I{793FCE60-DE5E-4977-A942-A7B69A45B17D}
Master Rallye-->"C:\Program Files\Master Rallye\unins000.exe"
Media Go-->MsiExec.exe /X{C6AC04F5-5916-4A02-BC36-AF5BC0A3CBD4}
Microsoft .NET Framework 1.1 Security Update (KB2572067)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 6.0 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 7 Essentials-->MsiExec.exe /X{22FB6750-ADDF-4726-B67F-6901E1991029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Safe Web Lite-->C:\Program Files\NortonInstaller\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST\LicenseType\1.0.1.8\InstStub.exe /X
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
NWZ-E440 WALKMAN Guide-->MsiExec.exe /X{E96FF910-1BC9-4EE5-BC12-0A30D4E20F37}
OpenAL-->"C:\Program Files\OpenAL\OpenALwEAX.exe" /U
Pinnacle DistanTV Server-->MsiExec.exe /X{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}
Pinnacle TVCenter Pro-->"C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe" -runfromtemp -l0x0005 -removeonly
Pinnacle VideoSpin-->MsiExec.exe /X{4EDB1CA5-983F-4FC3-A8E3-E34981E05A60}
PlayStation(R)Network Downloader-->MsiExec.exe /X{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}
PlayStation(R)Store-->MsiExec.exe /X{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{C9E14402-3631-4182-B377-6B0DFB1C0339}
Rapture3D 2.4.9 Game-->"C:\Program Files\BRS\unins000.exe"
RealArcade-->C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2
RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
RealPlayer-->c:\program files\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Richard Burns Rally-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92C7D009-A464-4948-A980-7A3E28CB2F49}\setup.exe" -l0x5
Safari-->MsiExec.exe /I{735619D4-B42A-437A-958C-199BFCAEDB38}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2553074)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5729F1AE-5895-468F-9165-BAD161C9E982}
Security Update for 2007 Microsoft Office System (KB2553089)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
Security Update for 2007 Microsoft Office System (KB2553090)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
Security Update for 2007 Microsoft Office System (KB2584063)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2553073)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {65EA4836-B5A3-4C1D-8883-0C35E471003A}
Security Update for Microsoft Office Groove 2007 (KB2552997)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A1CBF7D-4704-40BC-B31C-AA761884A3E4}
Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
SightSpeed (remove only)-->"C:\Program Files\SightSpeed\uninst.exe"
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
TechniSat DVB-PC TV Star-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE9F9FBC-5253-46D2-9883-09E55003D794}\Setup.exe" -l0x15 anything -removeonly
Total Commander (Remove or Repair)-->C:\Program Files\Totalcmd\tcuninst.exe
ubi.com-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}\Setup.exe" -l0x9 UNINSTALL-L0x9 -uninst
Ultimate Spider-Man (TM)-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C} /l2057
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2583910)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
Update for Outlook 2007 Junk Email Filter (KB2596560)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2964DDE1-4925-4DF1-AF2C-0A36B3442228}
USB downloader-->C:\Windows\IsUninst.exe -f"C:\Program Files\HANDAN\USB downloader\Uninst.isu"
VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Zoner Photo Map - ČR 1:100 000 - DEMO-->"C:\Program Files\Zoner\Photo Map - CR 100 000 - DEMO\unins000.exe"
Zoner Photo Map - ČR 1:100 000-->"C:\Program Files\Zoner\Photo Map - CR 100 000\unins000.exe"
Zoner Photo Studio 10-->"C:\Program Files\Zoner\Photo Studio 10\unins000.exe" /SILENT

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: Bartosi-PC
Event Code: 7036
Message: Stav služby Služba seznamu sítí byl změněn na: Spuštěno
Record Number: 177742
Source Name: Service Control Manager
Time Written: 20110313060014.000000-000
Event Type: Informace
User:

Computer Name: Bartosi-PC
Event Code: 7036
Message: Stav služby Pomocník IP byl změněn na: Spuštěno
Record Number: 177741
Source Name: Service Control Manager
Time Written: 20110313060014.000000-000
Event Type: Informace
User:

Computer Name: Bartosi-PC
Event Code: 7036
Message: Stav služby Windows Search byl změněn na: Spuštěno
Record Number: 177740
Source Name: Service Control Manager
Time Written: 20110313060014.000000-000
Event Type: Informace
User:

Computer Name: Bartosi-PC
Event Code: 7036
Message: Stav služby Služba Výčet přenosných zařízení byl změněn na: Spuštěno
Record Number: 177739
Source Name: Service Control Manager
Time Written: 20110313060014.000000-000
Event Type: Informace
User:

Computer Name: Bartosi-PC
Event Code: 7036
Message: Stav služby Klient sledování distribuovaného odkazu byl změněn na: Spuštěno
Record Number: 177738
Source Name: Service Control Manager
Time Written: 20110313060014.000000-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Bartosi-PC
Event Code: 1003
Message: Služba Windows Search byla spuštěna.

Record Number: 14078
Source Name: Microsoft-Windows-Search
Time Written: 20090909165931.000000-000
Event Type: Informace
User:

Computer Name: Bartosi-PC
Event Code: 102
Message: Windows (2912) Windows: Databázový stroj (6.00.6001.0000) spustil novou instanci (0).
Record Number: 14077
Source Name: ESENT
Time Written: 20090909165927.000000-000
Event Type: Informace
User:

Computer Name: Bartosi-PC
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 14076
Source Name: Microsoft-Windows-WMI
Time Written: 20090909165927.000000-000
Event Type: Informace
User:

Computer Name: Bartosi-PC
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 14075
Source Name: Microsoft-Windows-WMI
Time Written: 20090909165926.000000-000
Event Type: Informace
User:

Computer Name: Bartosi-PC
Event Code: 0
Message:
Record Number: 14074
Source Name: RichVideo
Time Written: 20090909165925.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Bartosi-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 54562
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110407155421.491075-000
Event Type: Úspěch auditu
User:

Computer Name: Bartosi-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: BARTOSI-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x368
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 54561
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110407155421.491075-000
Event Type: Úspěch auditu
User:

Computer Name: Bartosi-PC
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: BARTOSI-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: localhost
Další informace: localhost

Informace o procesu:
ID procesu: 0x368
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 54560
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110407155421.491075-000
Event Type: Úspěch auditu
User:

Computer Name: Bartosi-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 54559
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110407151014.765075-000
Event Type: Úspěch auditu
User:

Computer Name: Bartosi-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: BARTOSI-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x368
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 54558
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110407151014.765075-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Pinnacle\Shared Files\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"SERINUMB"=DT122645
"WBSET"=Done
"asl.log"=Destination=file;OnFirstLog=command,environment,parent
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#12 Příspěvek od sobtik »

Provedeno tady je log.

========== OTL ==========
Process Updater.exe killed successfully!
No active process named ccSvcHst.exe was found!
Error: No service named NSL was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NSL deleted successfully.
C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-4060839138-207930932-163455722-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.0&q=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: toolbar@ask.com:3.12.2.100006 removed from extensions.enabledItems
Prefs.js: avg@igeared:7.005.030.004 removed from extensions.enabledItems
Prefs.js: "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0\ deleted successfully.
C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0\ deleted successfully.
C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mcafee.com/SAFFPlugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669\ deleted successfully.
c:\program files\real\realplayer\Netscape6\nppl3260.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0\ deleted successfully.
C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669\ deleted successfully.
c:\program files\real\realplayer\Netscape6\nprjplug.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669\ deleted successfully.
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669\ deleted successfully.
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669\ deleted successfully.
c:\program files\real\realplayer\Netscape6\nprpjplug.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Bartosi\AppData\Roaming\Mozilla\Firefox\Profiles\kfcsvq7m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT\Components folder moved successfully.
C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT\Chrome\Skin folder moved successfully.
C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT\Chrome\Content folder moved successfully.
C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT\Chrome folder moved successfully.
C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-4060839138-207930932-163455722-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-4060839138-207930932-163455722-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-4060839138-207930932-163455722-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Program Files\Ask.com\Updater\Updater.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000007\ not found.
File C:\Program Files\Bonjour\mdnsNSP.dll not found.
Starting removal of ActiveX control {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
C:\Windows\Downloaded Program Files\OGAControl.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore\ deleted successfully.
File Protocol\Handler\sacore - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{511f5812-cb7d-11de-bfbb-001fc6dd4c1c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{511f5812-cb7d-11de-bfbb-001fc6dd4c1c}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Play.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cdb04e95-09d8-11e0-9f67-001fc6dd4c1c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cdb04e95-09d8-11e0-9f67-001fc6dd4c1c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cdb04e95-09d8-11e0-9f67-001fc6dd4c1c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cdb04e95-09d8-11e0-9f67-001fc6dd4c1c}\ not found.
File F:\Startme.exe not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\Norton Security Scan for Bartosi.job moved successfully.
C:\Windows\Installer\MSI2689.tmp deleted successfully.
C:\Windows\Installer\MSI2C87.tmp deleted successfully.
C:\Windows\Installer\MSI5270.tmp deleted successfully.
C:\Windows\Installer\MSI5566.tmp deleted successfully.
C:\Windows\Installer\MSI65CF.tmp deleted successfully.
C:\Windows\Installer\MSIBF54.tmp deleted successfully.
C:\Windows\Installer\MSIEAB.tmp deleted successfully.
C:\Windows\Installer\MSIFDBF.tmp deleted successfully.
C:\Windows\System32\tmp2074.tmp deleted successfully.
C:\Windows\System32\tmp3805.tmp deleted successfully.
C:\Windows\System32\tmp3D20.tmp deleted successfully.
C:\Windows\System32\tmp8C09.tmp deleted successfully.
C:\Windows\System32\tmpF70D.tmp deleted successfully.
C:\Windows\twain_32\hpqgnds2.tmp deleted successfully.
ADS C:\ProgramData\TEMP:ECE4A64B deleted successfully.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
========== COMMANDS ==========
Error: Unable to interpret <[EMTPYFLASH]> in the current context!

[EMPTYJAVA]

User: All Users

User: Bartosi

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb



OTL by OldTimer - Version 3.2.31.0 log created on 11062011_132928
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#13 Příspěvek od sobtik »

Mám vypnuté automatické aktualizase a defragmentaci disku jsem nedělal. Mám ji udělat?
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#14 Příspěvek od sobtik »

Už jdu nato. Až to bude tak se ozvu. Mám to potom ještě něčím pročistit?
Nahoru
sobtik
Návštěvník
Návštěvník
Příspěvky: 246
Registrován: 01 led 2008 13:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Děkuju

#15 Příspěvek od sobtik »

Nevím jak dlohu ještě pojede ta defragmentace. Už jede skoro pět hodin a je tam jenom 5%. Kolega ho zítra odpoledne potřebuje tak bych se chtěl zeptat jestli bych to měl potom ještě něčí preventivně zkontrolovat.
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“