
Resilient malware in the system with many symptoms - please check

W.Mia
Visitor
Posts: 42
Registered: 24 Nov 2011 08:29

Resilient malware in the system with many symptoms - please check

#1 Post by W.Mia »

Hello everyone,

something very resilient has gotten into my system. Usually Spybot and SuperAntiSpyware are enough for me to defend against things like this. Now they are not enough. I tried others: Malwarebytes Anti-Malware, Norton Antivirus and Emsisoft Emergency Toolkit, but it doesn't help. More specifically, what happens is that the programs do occasionally find something (repeated runs, updates), quarantine it or delete it, but the problems in the system keep happening. As an example, here is the latest report from Norton Antivirus http://s000.tinyupload.com/index.php?fi ... &gk=laptop and some findings from Emsisoft http://i42.tinypic.com/imqfxi.jpg and http://i44.tinypic.com/11mgxtk.jpg

The malware shows itself in several ways:
- It disabled the Windows installer. Installers with the .msi extension do not start and report the error: "Nebylo možné získat přístup k instalační službě systému Windows. ..." (English: "The Windows Installer Service could not be accessed. ..."). Reinstalling the Windows Installer service did not help. So it is not possible to install, for example, the usual package from Emsisoft, Ad-Aware, or Windows Defender.
- It disabled the internet connection. Programs have trouble updating. When they try to update, they report that the internet connection is unavailable. Sometimes it is not even possible to get online in the browser. Sometimes the modem is not even listed as an item in Device Manager.
- It disabled Windows updates. Automatic updates are not downloaded. When trying to download updates manually from the web, the page reports "Na webu došlo k potížím a požadovanou stránku nelze zobrazit. Níže uvedené možnosti mohou pomoci při odstranění potíží." (English: "The website has encountered a problem and cannot display the page you are trying to view. The options provided below might help you solve the problem.") And the options provided below do not lead to a solution.
- It disabled the Avast antivirus. After system startup it reported itself as not running and required a restart; restarting did not help.
- Norton Antivirus did install (after Avast was uninstalled), but it does not start at startup.
- At system startup, newly found hardware "SCSI/RAID Host Controller" is reported and it asks for a driver for it, which of course we don't have.
- For a while Device Manager also threw an error saying the MMC console could not be started because Internet Explorer higher than version 5.5 is not installed (the system no longer reports this error, though).

I visit your forum from time to time and so far I have always found answers to my questions in the solutions to other people's problems. Now, for the first time, I am reporting a problem myself. Thank you in advance for any advice.

The log follows shortly.

W.Mia
Visitor
Posts: 42
Registered: 24 Nov 2011 08:29

Re: Resilient malware in the system with many symptoms - please che

#2 Post by W.Mia »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mike at 2011-11-24 08:25:56
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 44 GB (38%) free of 116 GB
Total RAM: 2815 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:26:04, on 24.11.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\RTHDCPL.EXE
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe
C:\Program Files\Olympus\ib\olycamdetect.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\RunDLL32.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Documents and Settings\Mike\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Steam\steam.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Documents and Settings\Mike\Plocha\RSIT.exe
C:\Program Files\trend micro\Mike.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;*.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: (no name) - {998A3C0C-8914-4D2A-AE36-BFA2E5AE6D5D} - (no file)
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.1\pdfforgeToolbarIE.dll (file missing)
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (file missing)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [PC-Checkup] "C:\Program Files\Speeditup Free\PCCheckUp\PCCheckUp.exe" -mini
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Free PDF Print Dispatcher] C:\Program Files\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe
O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\Windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Mike\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Uniblue ProcessQuickLink 2] "C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - http://software.seznam.cz/listicka/toolbar.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.8.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/Im ... oolbar.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - http://service.futuremark.com/gom/receiver/tc/FMSI.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\Windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Unknown owner - C:\Program Files\Application Updater\ApplicationUpdater.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\nlssrv32.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: PCSpeedUp Service (PCSpeedUpService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Eval) 2012\RpcAgentSrv.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Unknown owner - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (file missing)

--
End of file - 18346 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AdobeAAMUpdater-1.0-ACER-64B9BF4930-Mike.job
C:\Windows\tasks\AppleSoftwareUpdate.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1509661768-2596670817-2537616161-1006Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1509661768-2596670817-2537616161-1006UA.job
C:\Windows\tasks\RealUpgradeLogonTaskS-1-5-21-1509661768-2596670817-2537616161-1006.job
C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-1509661768-2596670817-2537616161-1006.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Mike\Data aplikací\Mozilla\Firefox\Profiles\bjzck3b9.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {cbafdacb-a320-4294-9516-494f93d5d1b3}:1.0.6, googletube@googletube.com:2.0.2, {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, cs@dictionaries.addons.mozilla.org:1.0.2, {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, exif_viewer@mozilla.doslash.org:1.60, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, buckts@buckts.com:0.18, {261a7cc7-4cbe-4741-bd5f-1ebdd0c63f7b}:0.2.2, en-GB@dictionaries.addons.mozilla.org:1.19.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/npracplug;version=1.0.0.0]
"Description"=Scriptable Plugin for RealArcade
"Path"=C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647]
"Description"=12.0.1.647
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.17]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
bookmarks-2010-07-24.json
browsercomps.dll
nppl3260.xpt
npscriptable.xpt
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npracplug.dll
nprjplug.dll
nprpjplug.dll
npwachk.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Mike\Data aplikací\Mozilla\Firefox\Profiles\bjzck3b9.default\extensions\
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
googletube@googletube.com
plugin3@gameplaylabs.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{cbafdacb-a320-4294-9516-494f93d5d1b3}

C:\Documents and Settings\Mike\Data aplikací\Mozilla\Firefox\Profiles\bjzck3b9.default\searchplugins\
slovnk-encz.xml
wikipedia-en.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-06-18 386264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{998A3C0C-8914-4D2A-AE36-BFA2E5AE6D5D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\4.1\pdfforgeToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo2.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\Windows\RTHDCPL.EXE [2006-06-01 16208384]
"SkyTel"=C:\Windows\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\Windows\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2006-08-11 110592]
"PCMService"=C:\Program Files\CyberLink\PowerCinema\PCMService.exe [2006-07-26 143360]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe []
"PC-Checkup"=C:\Program Files\Speeditup Free\PCCheckUp\PCCheckUp.exe -mini []
"KernelFaultCheck"=C:\Windows\system32\dumprep 0 -k []
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-08-09 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-05-16 86960]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe []
"Nikon Transfer Monitor"=C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [2009-05-29 479232]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-06-27 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe []
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin []
"Nikon Message Center 2"=C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2010-05-25 619008]
""= []
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-08 1226608]
"Free PDF Print Dispatcher"=C:\Program Files\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe [2010-01-15 25600]
"Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2011-03-11 93360]
"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2010-07-01 220336]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2011-06-18 273544]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-11-13 421736]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2011-10-08 16744256]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2011-10-08 1632360]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\Windows\system32\ctfmon.exe [2008-04-14 15360]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Google Update"=C:\Documents and Settings\Mike\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-06-02 136176]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-03-29 399736]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-07-18 3077528]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-06-24 20880]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-11-16 4617600]
"Steam"=C:\Program Files\Steam\steam.exe [2011-11-20 1242448]
"Uniblue ProcessQuickLink 2"=C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe [2008-04-02 655640]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{097F10A7-487F-4457-AB1F-827C59479A72}"= []
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"NoDispCPL"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoFolderOptions"=0
"NoDriveTypeAutoRun"=255
"NoRun"=0
"NoClose"=0
"NoSetFolders"=0
"NoTrayContextMenu"=0
"NoLogoff"=0
"StartMenuLogOff"=0
"NoWindowsUpdate"=0
"NoDrives"=0
"NoViewOnDrive"=0
"NoFind"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe"="C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:CyberLink PowerCinema"
"C:\Program Files\CyberLink\PowerCinema\PCMService.exe"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Aspyr\Dark Sector\DS.exe"="C:\Program Files\Aspyr\Dark Sector\DS.exe:*:Enabled:Dark Sector"
"C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Demo\SCDA-Offline\System\SplinterCell4.exe"="C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Demo\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
"C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe"="C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:*:Enabled:TwonkyMedia"
"C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe"="C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:*:Enabled:TwonkyMediaServer"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\STAHUJ\[PC] Shadowrun XP + VISTA [RIP] [dopeman]\Shadowrun\Shadowrun.exe"="C:\STAHUJ\[PC] Shadowrun XP + VISTA [RIP] [dopeman]\Shadowrun\Shadowrun.exe:*:Enabled:Shadowrun"
"C:\Documents and Settings\Mike\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Mike\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"D:\TORR\Left.4.Dead.Full-Rip.Skullptura\Left 4 Dead\left4dead.exe"="D:\TORR\Left.4.Dead.Full-Rip.Skullptura\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"D:\Left 4 Dead\left4dead.exe"="D:\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"C:\Documents and Settings\Mike\Plocha\vpn-muni.cz.pbk"="C:\Documents and Settings\Mike\Plocha\vpn-muni.cz.pbk:*:Enabled:vpn-muni.cz"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\Samsung\Intelli-studio\iStudio.exe"="C:\Program Files\Samsung\Intelli-studio\iStudio.exe:*:Enabled:Samsung Intelli-studio"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\TmUnitedForever\TmForever.exe"="C:\Program Files\TmUnitedForever\TmForever.exe:*:Enabled:TmForever"
"C:\Documents and Settings\Mike\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Mike\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Eval) 2012\RpcAgentSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Eval) 2012\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Eval) 2012\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Eval) 2012\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\might and magic clash of heroes\ClashOfHeroes.exe"="C:\Program Files\Steam\steamapps\common\might and magic clash of heroes\ClashOfHeroes.exe:*:Enabled:Might and Magic: Clash of Heroes"
"C:\Documents and Settings\Mike\Local Settings\Temp\7zS25.tmp\SymNRT.exe"="C:\Documents and Settings\Mike\Local Settings\Temp\7zS25.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path]
"Debugger="

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=serwvdrv.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"VIDC.VP40"=vp4vfw.dll
"Msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"=mpegacm.acm
"msacm.ulmp3acm"=ulmp3acm.acm
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.I420"=msh263.drv
"VIDC.ACDV"=ACDV.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit -
.js - open -

======List of files/folders created in the last 1 month======

2011-11-24 08:23:45 ----ASH---- C:\hiberfil.sys
2011-11-24 08:21:38 ----D---- C:\rsit
2011-11-24 08:21:38 ----D---- C:\Program Files\trend micro
2011-11-23 22:37:44 ----D---- C:\Windows\system32\drivers\NAV
2011-11-23 15:27:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\PCSettings
2011-11-23 15:17:38 ----A---- C:\Windows\OEWABLog.txt
2011-11-23 14:41:07 ----D---- C:\Program Files\Windows Sidebar
2011-11-23 12:33:11 ----D---- C:\Documents and Settings\Mike\Data aplikací\EurekaLog
2011-11-23 07:15:04 ----D---- C:\Windows\LastGood.Tmp
2011-11-23 03:11:07 ----A---- C:\Windows\imsins.BAK
2011-11-23 03:05:54 ----D---- C:\Documents and Settings\Mike\Data aplikací\Uniblue
2011-11-23 03:05:51 ----D---- C:\Program Files\Uniblue
2011-11-23 02:40:26 ----D---- C:\RRTVAULT
2011-11-23 02:35:35 ----D---- C:\Program Files\Emsisoft Anti-Malware
2011-11-21 21:24:20 ----A---- C:\Windows\SchedLgU.Txt
2011-11-21 21:20:01 ----A---- C:\Windows\ntbtlog.txt
2011-11-21 21:19:30 ----D---- C:\Documents and Settings\Mike\Data aplikací\Malwarebytes
2011-11-21 21:19:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-11-21 21:19:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-11-21 21:19:24 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-11-21 21:14:40 ----D---- C:\Program Files\CCleaner
2011-11-21 21:07:00 ----D---- C:\Documents and Settings\Mike\Data aplikací\QuickScan
2011-11-20 22:19:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Media Get LLC
2011-11-20 15:37:04 ----D---- C:\Program Files\Common Files\Steam
2011-11-20 15:37:01 ----D---- C:\Program Files\Steam
2011-11-20 11:43:25 ----D---- C:\Documents and Settings\Mike\Data aplikací\NVIDIA
2011-11-20 11:07:25 ----A---- C:\Windows\system32\easyupdatusapiu.dll
2011-11-20 11:05:55 ----A---- C:\Windows\system32\nvgenco32.dll
2011-11-20 11:05:54 ----A---- C:\Windows\system32\nvdispco32.dll
2011-11-20 10:59:20 ----D---- C:\Program Files\Yontoo Layers Runtime
2011-11-20 10:54:32 ----D---- C:\ATI
2011-11-19 11:30:09 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-11-19 11:30:09 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-11-19 11:30:08 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-11-19 11:30:07 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-11-19 11:30:07 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-11-19 11:30:06 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-11-19 11:30:06 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-11-19 11:30:05 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-11-19 11:10:17 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml65E.tmp
2011-11-19 11:10:11 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml65D.tmp
2011-11-19 11:10:10 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml65C.tmp
2011-11-19 11:10:08 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml65B.tmp
2011-11-18 20:37:19 ----D---- C:\Program Files\QuickTime
2011-11-18 20:28:56 ----D---- C:\Program Files\iPod
2011-11-18 20:28:49 ----D---- C:\Program Files\iTunes
2011-11-12 00:00:48 ----HDC---- C:\Windows\$NtUninstallKB2641690$
2011-11-09 00:03:51 ----HDC---- C:\Windows\$NtUninstallKB2544893-v2$
2011-11-02 22:37:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERSetup
2011-10-27 08:33:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Vocals
2011-10-27 08:31:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\business-inkjet
2011-10-27 08:31:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tuner

======List of files/folders modified in the last 1 month======

2011-11-24 08:25:00 ----D---- C:\Documents and Settings\Mike\Data aplikací\uTorrent
2011-11-24 08:24:06 ----D---- C:\Windows\system32\CatRoot2
2011-11-24 08:21:38 ----RD---- C:\Program Files
2011-11-23 23:41:46 ----D---- C:\Windows\temp
2011-11-23 23:36:16 ----D---- C:\Program Files\AVAST Software
2011-11-23 23:36:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-11-23 23:24:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-11-23 23:23:43 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-11-23 23:23:42 ----AD---- C:\Windows\system32\drivers
2011-11-23 23:23:41 ----AD---- C:\Windows\system32
2011-11-23 22:44:44 ----SHD---- C:\System Volume Information
2011-11-23 22:32:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2011-11-23 17:56:32 ----SHD---- C:\Windows\Installer
2011-11-23 17:56:23 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2011-11-23 15:32:48 ----SD---- C:\Windows\Tasks
2011-11-23 15:17:42 ----A---- C:\Windows\win.ini
2011-11-23 15:17:40 ----AD---- C:\WINDOWS
2011-11-23 15:17:30 ----D---- C:\Documents and Settings
2011-11-23 14:57:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2011-11-23 14:21:53 ----HD---- C:\Windows\inf
2011-11-23 14:21:32 ----RSHD---- C:\Windows\system32\dllcache
2011-11-23 14:21:32 ----D---- C:\Windows\system32\cs-cz
2011-11-23 14:21:32 ----D---- C:\Windows\Help
2011-11-23 14:21:32 ----D---- C:\Program Files\Internet Explorer
2011-11-23 14:13:54 ----A---- C:\Windows\system.ini
2011-11-23 13:09:58 ----D---- C:\Windows\ie8updates
2011-11-23 13:09:14 ----D---- C:\Windows\WBEM
2011-11-23 13:09:14 ----D---- C:\Windows\Media
2011-11-23 07:15:35 ----D---- C:\Windows\system32\CatRoot
2011-11-23 07:02:41 ----A---- C:\BOOT.INI
2011-11-23 07:02:38 ----D---- C:\Windows\pss
2011-11-23 03:11:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-22 23:36:49 ----D---- C:\Windows\Prefetch
2011-11-22 23:29:25 ----D---- C:\Windows\system32\ias
2011-11-22 00:48:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-11-22 00:41:05 ----D---- C:\Windows\SoftwareDistribution
2011-11-22 00:21:30 ----HDC---- C:\Windows\$NtUninstallKB2141007$
2011-11-21 21:23:35 ----D---- C:\Windows\Microsoft.NET
2011-11-21 21:16:52 ----D---- C:\Documents and Settings\Mike\Data aplikací\Winamp
2011-11-21 21:16:52 ----D---- C:\Documents and Settings\Mike\Data aplikací\Media Player Classic
2011-11-21 21:16:40 ----D---- C:\Windows\Minidump
2011-11-21 21:16:40 ----D---- C:\Windows\Logs
2011-11-21 21:16:40 ----D---- C:\Windows\Debug
2011-11-21 20:50:16 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-11-21 18:49:23 ----D---- C:\Program Files\SUPERAntiSpyware
2011-11-21 17:29:42 ----HD---- C:\Config.Msi
2011-11-21 17:29:40 ----D---- C:\Windows\WinSxS
2011-11-21 17:25:08 ----D---- C:\Windows\system32\DirectX
2011-11-20 22:53:20 ----D---- C:\AAA OLYMPUS ib
2011-11-20 20:52:43 ----D---- C:\AAA NIKON
2011-11-20 17:31:28 ----D---- C:\4613d56e161de63d390aa5dbed77a3
2011-11-20 17:29:19 ----D---- C:\WMC
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallWudf01005$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallwmp11$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallWMFDist11$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallWdf01007$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB982802$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB982665$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB982381$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB982214$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB982132$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB981997$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB981957$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB981852$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB981793$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB981349$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB981322$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB980436$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB980232$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB980218$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB980195$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB980182$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB979687$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB979683$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB979559$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB979482$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB979402_WM9$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB979309$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB978695_WM9$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB978601$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB978542$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB978338$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB977816$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB975562$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB975558_WM8$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB971961$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB971513$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB971029$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB954154_WM11$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB952011$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB942288-v3$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB926139-v2$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2616676-v2$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2592799$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2570947$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2570791$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2570222$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2567680$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2567053$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2566454$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2564958$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2562937$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2555917$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2544893$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2544521$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2541763$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2536276-v2$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2536276$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2535512$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2524375$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2511455$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2510581$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2509553$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2508429$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2508272$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2507938$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2507618$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2506223$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2506212$
2011-11-20 17:29:17 ----HDC---- C:\Windows\$NtUninstallKB2503665$
2011-11-20 17:29:17 ----HD---- C:\Windows\$NtUninstallWudf01000$
2011-11-20 17:29:17 ----HD---- C:\Windows\$NtUninstallWIC$
2011-11-20 17:29:17 ----HD---- C:\Windows\$NtUninstallMSCompPackV1$
2011-11-20 17:29:17 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2503658$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2485663$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2485376$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2483185$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2481109$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2479943$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2479628$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2478971$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2478960$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2476687$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2476490$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2467659$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2443685$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2443105$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2440591$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2436673$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2423089$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2419632$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2412687$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2393802$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2387149$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2378111_WM9$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2360937$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2347290$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2345886$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2296199$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2296011$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2286198$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2279986$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2259922$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2229593$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2160329$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2158563$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2121546$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2115168$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallKB2079403$
2011-11-20 17:29:16 ----HDC---- C:\Windows\$NtUninstallbasecsp$
2011-11-20 17:29:16 ----HD---- C:\Windows\$NtServicePackUninstallNLSDownlevelMapping$
2011-11-20 17:29:16 ----HD---- C:\Windows\$NtServicePackUninstallIDNMitigationAPIs$
2011-11-20 17:29:16 ----HD---- C:\Windows\$NtServicePackUninstall$
2011-11-20 17:29:16 ----HD---- C:\Windows\$hf_mig$
2011-11-20 17:29:14 ----D---- C:\users
2011-11-20 17:29:14 ----D---- C:\totalcmd
2011-11-20 17:29:14 ----D---- C:\TEXCACHE
2011-11-20 17:29:14 ----D---- C:\TempProjekty
2011-11-20 17:29:13 ----D---- C:\Temp
2011-11-20 17:29:13 ----D---- C:\SYSINFO
2011-11-20 17:29:13 ----D---- C:\STAHUJ
2011-11-20 17:29:13 ----D---- C:\Programs
2011-11-20 17:29:13 ----D---- C:\Program Files\Acer
2011-11-20 17:29:13 ----D---- C:\NVIDIA
2011-11-20 17:29:13 ----D---- C:\MIA Fotky
2011-11-20 17:29:13 ----D---- C:\ib
2011-11-20 17:29:13 ----D---- C:\drv
2011-11-20 17:29:13 ----D---- C:\Acer
2011-11-20 17:29:13 ----D---- C:\AAA_B
2011-11-20 17:29:13 ----AD---- C:\i386
2011-11-20 17:29:13 ----AD---- C:\dotnetfx
2011-11-20 17:18:21 ----D---- C:\Documents and Settings\Mike\Data aplikací\Ahead
2011-11-20 16:16:54 ----D---- C:\Program Files\LANGMaster
2011-11-20 15:37:04 ----RD---- C:\Program Files\Common Files
2011-11-20 11:07:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-11-20 11:07:43 ----D---- C:\Program Files\NVIDIA Corporation
2011-11-20 11:06:28 ----D---- C:\Windows\system32\ReinstallBackups
2011-11-19 11:28:15 ----D---- C:\Program Files\SiSoftware
2011-11-19 00:28:00 ----D---- C:\Documents and Settings\Mike\Data aplikací\Mozilla
2011-11-18 20:28:52 ----D---- C:\Program Files\Common Files\Apple
2011-11-15 09:23:32 ----A---- C:\Windows\NeroDigital.ini
2011-11-14 16:44:20 ----D---- C:\Documents and Settings\Mike\Data aplikací\Apple Computer
2011-11-10 18:33:21 ----A---- C:\Windows\wincmd.ini
2011-11-09 09:32:18 ----D---- C:\Program Files\Mozilla Firefox
2011-11-09 00:00:40 ----A---- C:\Windows\system32\MRT.exe
2011-10-30 20:59:45 ----D---- C:\Documents and Settings\Mike\Data aplikací\Intelli-studio
2011-10-27 08:33:26 ----D---- C:\Program Files\Common Files\Nikon
2011-10-27 08:31:48 ----D---- C:\Program Files\Nikon
2011-10-27 08:29:12 ----A---- C:\Windows\system32\ATL71.DLL

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\Windows\system32\DRIVERS\nvata.sys [2006-06-28 105088]
R0 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-06-28 105088]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\Windows\system32\drivers\nvraid.sys [2006-06-28 89344]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\Windows\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-05-13 111808]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2006-05-10 51200]
R0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-05-10 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x); C:\Windows\System32\drivers\sfsync03.sys [2005-12-06 35328]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-09-29 66048]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-03-10 715248]
R0 vax347b;vax347b; C:\Windows\system32\DRIVERS\vax347b.sys [2005-07-08 159616]
R0 vax347s;vax347s; C:\Windows\System32\Drivers\vax347s.sys [2004-04-30 5248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\Windows\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 AmdK8;Ovladač procesoru AMD; C:\Windows\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 kbfilter;Keyboard Filter Driver; C:\Windows\system32\drivers\kbfilter.sys [2002-07-11 12856]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-05-13 79488]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 UsbFltr;WayTechUSBFilterDriver; C:\Windows\system32\drivers\UsbFltr.sys [2003-12-29 8576]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\Windows\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BridgeMP;Miniport mostu MAC; C:\Windows\system32\DRIVERS\bridge.sys [2008-04-13 71552]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\Windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RtkHDAud.sys [2006-06-05 4284928]
R3 Iviaspi;IVI ASPI Shell; C:\Windows\system32\drivers\iviaspi.sys [2005-09-20 10368]
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 mouhid;Ovladač myši standardu HID; C:\Windows\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NIC1394;1394 Net Driver; C:\Windows\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2006-08-17 6144]
R3 nv;nv; C:\Windows\system32\DRIVERS\nv4_mini.sys [2011-10-08 12791488]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2010-02-17 25216]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk51x86.sys [2006-06-29 244864]
S0 wygtuxv;wygtuxv; C:\Windows\System32\drivers\aplqjx.sys []
S1 ethpoiwr;ethpoiwr; C:\Windows\system32\drivers\ethpoiwr.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\Windows\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-07-07 278984]
S2 ithsgt;ithsgt; C:\Windows\system32\DRIVERS\ithsgt.sys [2008-03-11 162432]
S2 kydqbuvk;kydqbuvk; \??\C:\WINDOWS\system32\drivers\ddvdseooc.sys []
S2 lilsgt;lilsgt; C:\Windows\system32\DRIVERS\lilsgt.sys [2008-03-11 12032]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-03-11 25416]
S2 zntport;NTPort Library Driver; \??\C:\WINDOWS\system32\zntport.sys []
S3 AMDMSRIO;AMDMSRIO; \??\C:\DOCUME~1\Mike\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys []
S3 aqm7tot6;aqm7tot6; C:\Windows\system32\drivers\aqm7tot6.sys []
S3 Bridge;Most MAC; C:\Windows\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\Mike\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Mike\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 ddxgb;ddxgb; \??\C:\DOCUME~1\Mike\LOCALS~1\Temp\ddxgb.sys []
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2011-01-29 20032]
S3 dtscsi;dtscsi; C:\Windows\System32\Drivers\dtscsi.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2007-11-14 25544]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\Windows\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\Windows\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\Windows\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:\Windows\system32\DRIVERS\NetMotCM.sys [2004-09-29 15360]
S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2007-05-11 47360]
S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP1d\WNt500x86\Sandra.sys []
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\Windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\Windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\Windows\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\Windows\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\Windows\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\Windows\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\Windows\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
S2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2011-11-16 2996784]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
S2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe []
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2006-07-26 266338]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2006-07-26 114784]
S2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe [2006-07-26 1073152]
S2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-10-25 217088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-13 136176]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S2 nlsX86cc;Nalpeiron Licensing Service; C:\WINDOWS\system32\nlssrv32.exe [2011-02-21 66560]
S2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvsvc32.exe [2011-10-08 298304]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-08 2253120]
S2 PCSpeedUpService;PCSpeedUp Service; C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe []
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-05-15 75136]
S2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\Windows\system32\sfrem01.exe [2006-05-10 353912]
S2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
S2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\Windows\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-13 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-11-13 821608]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2011-04-24 4066168]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2010-02-17 15872]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Eval) 2012\RpcAgentSrv.exe [2008-11-06 93848]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe []
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe []
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-------EOF-------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Resilient malware in the system with many symptoms - requesting a chec

#3 Post by motji »

Good morning :)

:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- and save it to the desktop.
- double-click the program icon and run it
- choose the Start scan option - then confirm the start of the scan
- if the program finds an infected file, it will show you the preselected action Cure; in that case confirm with the Continue button
- if the program wants to restart the computer, click the Reboot Now button
- if it does not ask for a restart, click the Report button. A log should pop up; copy the contents of the log into your topic.
- if the log does not appear, it is saved in your root directory.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

JaRon
Moderator
Posts: 15712
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Resilient malware in the system with many symptoms - requesting a chec

#4 Post by JaRon »

hi,
use http://www.viry.cz/forum/viewtopic.php? ... 05#p981205 options 2 and 3
paste both logs here :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

W.Mia
Visitor
Posts: 42
Registered: 24 Nov 2011 08:29

Re: Resilient malware in the system with many symptoms - requesting a chec

#5 Post by W.Mia »

motji wrote: Good morning :)

:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- and save it to the desktop.
- double-click the program icon and run it
- choose the Start scan option - then confirm the start of the scan
- if the program finds an infected file, it will show you the preselected action Cure; in that case confirm with the Continue button
- if the program wants to restart the computer, click the Reboot Now button
- if it does not ask for a restart, click the Report button. A log should pop up; copy the contents of the log into your topic.
- if the log does not appear, it is saved in your root directory.

Hi motji,

I tried it and the log is here. TDSSKiller found one suspicious file. However, the "Cure" option was not offered. Only quarantine or delete, so I put it in quarantine. It did not ask for a restart.

14:10:44.0890 3192 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
14:10:45.0062 3192 ============================================================
14:10:45.0062 3192 Current date / time: 2011/11/24 14:10:45.0062
14:10:45.0062 3192 SystemInfo:
14:10:45.0062 3192
14:10:45.0062 3192 OS Version: 5.1.2600 ServicePack: 3.0
14:10:45.0062 3192 Product type: Workstation
14:10:45.0062 3192 ComputerName: ACER-64B9BF4930
14:10:45.0062 3192 UserName: Mike
14:10:45.0062 3192 Windows directory: C:\Windows
14:10:45.0062 3192 System windows directory: C:\Windows
14:10:45.0062 3192 Processor architecture: Intel x86
14:10:45.0062 3192 Number of processors: 1
14:10:45.0062 3192 Page size: 0x1000
14:10:45.0062 3192 Boot type: Normal boot
14:10:45.0062 3192 ============================================================
14:10:47.0968 3192 Initialize success
14:10:53.0468 2844 ============================================================
14:10:53.0468 2844 Scan started
14:10:53.0468 2844 Mode: Manual;
14:10:53.0468 2844 ============================================================
14:10:54.0078 2844 Abiosdsk - ok
14:10:54.0093 2844 abp480n5 - ok
14:10:54.0171 2844 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\Windows\system32\DRIVERS\ACPI.sys
14:10:54.0171 2844 ACPI - ok
14:10:54.0234 2844 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\Windows\system32\drivers\ACPIEC.sys
14:10:54.0234 2844 ACPIEC - ok
14:10:54.0375 2844 adpu160m - ok
14:10:54.0468 2844 aec (8bed39e3c35d6a489438b8141717a557) C:\Windows\system32\drivers\aec.sys
14:10:54.0468 2844 aec - ok
14:10:54.0515 2844 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\Windows\system32\drivers\Afc.sys
14:10:54.0515 2844 Afc - ok
14:10:54.0703 2844 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\Windows\System32\drivers\afd.sys
14:10:54.0703 2844 AFD - ok
14:10:54.0734 2844 Aha154x - ok
14:10:54.0750 2844 aic78u2 - ok
14:10:54.0765 2844 aic78xx - ok
14:10:54.0796 2844 AliIde - ok
14:10:54.0890 2844 AmdK8 (f6f5e047369784e607f3a636ac576148) C:\Windows\system32\DRIVERS\AmdK8.sys
14:10:54.0890 2844 AmdK8 - ok
14:10:55.0000 2844 AMDMSRIO - ok
14:10:55.0125 2844 amsint - ok
14:10:55.0203 2844 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\Windows\system32\DRIVERS\arp1394.sys
14:10:55.0203 2844 Arp1394 - ok
14:10:55.0296 2844 asc - ok
14:10:55.0312 2844 asc3350p - ok
14:10:55.0328 2844 asc3550 - ok
14:10:55.0390 2844 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\Windows\system32\DRIVERS\asyncmac.sys
14:10:55.0406 2844 AsyncMac - ok
14:10:55.0437 2844 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\Windows\system32\DRIVERS\atapi.sys
14:10:55.0437 2844 atapi - ok
14:10:55.0531 2844 Atdisk - ok
14:10:55.0593 2844 atksgt (3c4b9850a2631c2263507400d029057b) C:\Windows\system32\DRIVERS\atksgt.sys
14:10:55.0593 2844 atksgt - ok
14:10:55.0640 2844 Atmarpc (9916c1225104ba14794209cfa8012159) C:\Windows\system32\DRIVERS\atmarpc.sys
14:10:55.0640 2844 Atmarpc - ok
14:10:55.0828 2844 audstub (d9f724aa26c010a217c97606b160ed68) C:\Windows\system32\DRIVERS\audstub.sys
14:10:55.0828 2844 audstub - ok
14:10:55.0890 2844 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\Windows\system32\drivers\Beep.sys
14:10:55.0890 2844 Beep - ok
14:10:56.0031 2844 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\Windows\system32\DRIVERS\bridge.sys
14:10:56.0031 2844 Bridge - ok
14:10:56.0062 2844 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\Windows\system32\DRIVERS\bridge.sys
14:10:56.0062 2844 BridgeMP - ok
14:10:56.0093 2844 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\Windows\system32\drivers\cbidf2k.sys
14:10:56.0093 2844 cbidf2k - ok
14:10:56.0109 2844 cd20xrnt - ok
14:10:56.0140 2844 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\Windows\system32\drivers\Cdaudio.sys
14:10:56.0140 2844 Cdaudio - ok
14:10:56.0156 2844 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\Windows\system32\drivers\Cdfs.sys
14:10:56.0156 2844 Cdfs - ok
14:10:56.0281 2844 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\Windows\system32\DRIVERS\cdrom.sys
14:10:56.0281 2844 Cdrom - ok
14:10:56.0312 2844 Changer - ok
14:10:56.0359 2844 CmdIde - ok
14:10:56.0421 2844 Cpqarray - ok
14:10:56.0515 2844 cpuz130 - ok
14:10:56.0546 2844 cpuz132 - ok
14:10:56.0593 2844 CrystalSysInfo - ok
14:10:56.0703 2844 dac2w2k - ok
14:10:56.0718 2844 dac960nt - ok
14:10:56.0843 2844 ddxgb - ok
14:10:57.0015 2844 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\Windows\system32\drivers\dgderdrv.sys
14:10:57.0015 2844 dgderdrv - ok
14:10:57.0062 2844 Disk (044452051f3e02e7963599fc8f4f3e25) C:\Windows\system32\DRIVERS\disk.sys
14:10:57.0062 2844 Disk - ok
14:10:57.0203 2844 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\Windows\system32\drivers\dmboot.sys
14:10:57.0218 2844 dmboot - ok
14:10:57.0265 2844 dmio (fff1720af51171f32f1ead5cf71f2810) C:\Windows\system32\drivers\dmio.sys
14:10:57.0265 2844 dmio - ok
14:10:57.0390 2844 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\Windows\system32\drivers\dmload.sys
14:10:57.0390 2844 dmload - ok
14:10:57.0421 2844 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\Windows\system32\drivers\DMusic.sys
14:10:57.0421 2844 DMusic - ok
14:10:57.0453 2844 dpti2o - ok
14:10:57.0484 2844 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\Windows\system32\drivers\drmkaud.sys
14:10:57.0484 2844 drmkaud - ok
14:10:57.0593 2844 dtscsi - ok
14:10:57.0625 2844 ENTECH (16ebd8bf1d5090923694cc972c7ce1b4) C:\WINDOWS\system32\DRIVERS\ENTECH.sys
14:10:57.0625 2844 ENTECH - ok
14:10:57.0671 2844 ethpoiwr - ok
14:10:57.0781 2844 Fastfat (38d332a6d56af32635675f132548343e) C:\Windows\system32\drivers\Fastfat.sys
14:10:57.0781 2844 Fastfat - ok
14:10:57.0937 2844 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\Windows\system32\DRIVERS\fdc.sys
14:10:57.0937 2844 Fdc - ok
14:10:57.0968 2844 Fips (ac366695a0796560aa37215ad5762aaf) C:\Windows\system32\drivers\Fips.sys
14:10:57.0968 2844 Fips - ok
14:10:58.0015 2844 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\Windows\system32\DRIVERS\flpydisk.sys
14:10:58.0015 2844 Flpydisk - ok
14:10:58.0125 2844 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\Windows\system32\drivers\fltmgr.sys
14:10:58.0125 2844 FltMgr - ok
14:10:58.0203 2844 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\WINDOWS\system32\FsUsbExDisk.SYS
14:10:58.0203 2844 FsUsbExDisk - ok
14:10:58.0328 2844 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\Windows\system32\drivers\Fs_Rec.sys
14:10:58.0328 2844 Fs_Rec - ok
14:10:58.0359 2844 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\Windows\system32\DRIVERS\ftdisk.sys
14:10:58.0359 2844 Ftdisk - ok
14:10:58.0390 2844 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:10:58.0390 2844 GEARAspiWDM - ok
14:10:58.0500 2844 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\Windows\system32\DRIVERS\msgpc.sys
14:10:58.0500 2844 Gpc - ok
14:10:58.0593 2844 hamachi (64b48a0d899deca24c424a2cac3ecffa) C:\Windows\system32\DRIVERS\hamachi.sys
14:10:58.0593 2844 hamachi - ok
14:10:58.0734 2844 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:10:58.0734 2844 HDAudBus - ok
14:10:58.0781 2844 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\Windows\system32\DRIVERS\hidusb.sys
14:10:58.0781 2844 hidusb - ok
14:10:58.0796 2844 hpn - ok
14:10:58.0859 2844 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\Windows\system32\DRIVERS\HPZid412.sys
14:10:58.0859 2844 HPZid412 - ok
14:10:59.0000 2844 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\Windows\system32\DRIVERS\HPZipr12.sys
14:10:59.0000 2844 HPZipr12 - ok
14:10:59.0015 2844 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\Windows\system32\DRIVERS\HPZius12.sys
14:10:59.0031 2844 HPZius12 - ok
14:10:59.0078 2844 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\Windows\system32\Drivers\HTTP.sys
14:10:59.0078 2844 HTTP - ok
14:10:59.0203 2844 i2omgmt - ok
14:10:59.0218 2844 i2omp - ok
14:10:59.0265 2844 i8042prt (c528e27945367191e7bae364930b6932) C:\Windows\system32\DRIVERS\i8042prt.sys
14:10:59.0265 2844 i8042prt - ok
14:10:59.0296 2844 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\Windows\system32\DRIVERS\imapi.sys
14:10:59.0296 2844 Imapi - ok
14:10:59.0343 2844 ini910u - ok
14:10:59.0562 2844 IntcAzAudAddService (3000e98f519cf6fda669bae8e47f7b4f) C:\Windows\system32\drivers\RtkHDAud.sys
14:10:59.0593 2844 IntcAzAudAddService - ok
14:10:59.0718 2844 IntelIde - ok
14:10:59.0781 2844 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\Windows\system32\drivers\ip6fw.sys
14:10:59.0781 2844 Ip6Fw - ok
14:10:59.0812 2844 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:10:59.0812 2844 IpFilterDriver - ok
14:10:59.0843 2844 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\Windows\system32\DRIVERS\ipinip.sys
14:10:59.0843 2844 IpInIp - ok
14:11:00.0000 2844 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\Windows\system32\DRIVERS\ipnat.sys
14:11:00.0000 2844 IpNat - ok
14:11:00.0171 2844 IPSec (23c74d75e36e7158768dd63d92789a91) C:\Windows\system32\DRIVERS\ipsec.sys
14:11:00.0187 2844 IPSec - ok
14:11:00.0203 2844 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\Windows\system32\DRIVERS\irenum.sys
14:11:00.0203 2844 IRENUM - ok
14:11:00.0250 2844 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\Windows\system32\DRIVERS\isapnp.sys
14:11:00.0250 2844 isapnp - ok
14:11:00.0406 2844 ithsgt (b7a5fadf67136fda7e8f25303565b674) C:\Windows\system32\DRIVERS\ithsgt.sys
14:11:00.0406 2844 ithsgt - ok
14:11:00.0453 2844 Iviaspi (4ac11b2250106774f694df2db4ffed61) C:\Windows\system32\drivers\iviaspi.sys
14:11:00.0453 2844 Iviaspi - ok
14:11:00.0625 2844 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\Windows\system32\DRIVERS\kbdclass.sys
14:11:00.0625 2844 Kbdclass - ok
14:11:00.0671 2844 kbdhid (065b5a83aa78c0c7047bf22e0ab5c821) C:\Windows\system32\DRIVERS\kbdhid.sys
14:11:00.0671 2844 kbdhid - ok
14:11:00.0734 2844 kbfilter (5c8d9984005f4d67ac58a94fb05aff2e) C:\Windows\system32\drivers\kbfilter.sys
14:11:00.0734 2844 kbfilter - ok
14:11:00.0921 2844 kmixer (692bcf44383d056aed41b045a323d378) C:\Windows\system32\drivers\kmixer.sys
14:11:00.0921 2844 kmixer - ok
14:11:01.0015 2844 KMWDFILTER (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
14:11:01.0015 2844 KMWDFILTER - ok
14:11:01.0125 2844 KSecDD (b467646c54cc746128904e1654c750c1) C:\Windows\system32\drivers\KSecDD.sys
14:11:01.0125 2844 KSecDD - ok
14:11:01.0171 2844 kydqbuvk - ok
14:11:01.0187 2844 lbrtfdc - ok
14:11:01.0250 2844 lilsgt (16767ea492b5d140e1de3679a65eae74) C:\Windows\system32\DRIVERS\lilsgt.sys
14:11:01.0250 2844 lilsgt - ok
14:11:01.0359 2844 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\Windows\system32\DRIVERS\lirsgt.sys
14:11:01.0359 2844 lirsgt - ok
14:11:01.0375 2844 MBAMSwissArmy - ok
14:11:01.0421 2844 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
14:11:01.0421 2844 mcdbus - ok
14:11:01.0500 2844 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\Windows\system32\drivers\mnmdd.sys
14:11:01.0500 2844 mnmdd - ok
14:11:01.0609 2844 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\Windows\system32\drivers\Modem.sys
14:11:01.0609 2844 Modem - ok
14:11:01.0640 2844 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\Windows\system32\drivers\MODEMCSA.sys
14:11:01.0640 2844 MODEMCSA - ok
14:11:01.0671 2844 Mouclass (4cb582831dbde63ce43b45d771218374) C:\Windows\system32\DRIVERS\mouclass.sys
14:11:01.0671 2844 Mouclass - ok
14:11:01.0828 2844 mouhid (bb269eba740737ab749b214d568b6812) C:\Windows\system32\DRIVERS\mouhid.sys
14:11:01.0828 2844 mouhid - ok
14:11:01.0875 2844 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\Windows\system32\drivers\MountMgr.sys
14:11:01.0875 2844 MountMgr - ok
14:11:01.0921 2844 mraid35x - ok
14:11:01.0968 2844 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\Windows\system32\DRIVERS\mrxdav.sys
14:11:01.0968 2844 MRxDAV - ok
14:11:02.0093 2844 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:11:09.0234 2844 sptd (0c1dad75274cb6e31f053ce3e08bf9c3) C:\Windows\system32\Drivers\sptd.sys
14:11:09.0234 2844 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 0c1dad75274cb6e31f053ce3e08bf9c3
14:11:09.0234 2844 sptd ( LockedFile.Multi.Generic ) - warning
14:11:09.0234 2844 sptd - detected LockedFile.Multi.Generic (1)
14:11:14.0125 2844 ============================================================
14:11:14.0125 2844 Scan finished
14:11:14.0125 2844 ============================================================
14:11:14.0140 2836 Detected object count: 1
14:11:14.0140 2836 Actual detected object count: 1
14:12:37.0500 2836 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
14:12:37.0500 2836 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
Last edited by W.Mia on 24 Nov 2011 14:27, edited 1 time in total.

W.Mia
Visitor
Posts: 42
Registered: 24 Nov 2011 08:29

Re: Persistent malware in the system with many symptoms - please check

#6 Post by W.Mia »

JaRon wrote:
hi,
use http://www.viry.cz/forum/viewtopic.php? ... 05#p981205 options 2 and 3
paste both logs here :)

Hi JaRon,

I also tried RogueKiller.

The report from option 2 is here:

RogueKiller V6.1.10 [11/18/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Mike [Admin rights]
Mode: Remove -- Date : 11/24/2011 14:23:01

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 1 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


Finished : << RKreport[1].txt >>
RKreport[1].txt



The report from option 3 is here:

RogueKiller V6.1.10 [11/18/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Mike [Admin rights]
Mode: HOSTSFix -- Date : 11/24/2011 14:23:27

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Persistent malware in the system with many symptoms - please check

#7 Post by motji »

Fine, now ComboFix :)

Run ComboFix according to this guide:
http://www.bleepingcomputer.com/combofi ... t-combofix
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

W.Mia
Visitor
Posts: 42
Registered: 24 Nov 2011 08:29

Re: Persistent malware in the system with many symptoms - please check

#8 Post by W.Mia »

motji wrote:
Fine, now ComboFix :)

Run ComboFix according to this guide:
http://www.bleepingcomputer.com/combofi ... t-combofix

Done :)
I have to say the computer now seems to be in the best state of the last four days that we have been dealing with its problems. Thank you very much for the advice.

After startup Windows reports that "Your computer might be at risk", which is good; before, it did not react to the missing antivirus at all.
The taskbar is displayed in color; before, it was in the default gray.
.msi installers work, Windows Defender installed successfully and even updated (so the internet connection seems to be fine too).
So almost everything I wrote about at the beginning is OK.
Thank you so much for the help; without it I would be at my wits' end :)

The Found New Hardware Wizard still keeps popping up, saying that software is missing for "SCSI or RAID host controller". (And the automatic installation cannot be completed because of an error.) Do you happen to know what to do about this?

The ComboFix log is here:

ComboFix 11-11-23.03 - Mike 24.11.2011 15:14:22.1.1 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2815.2170 [GMT 1:00]
Spuštěný z: C:\Documents and Settings\Mike\Plocha\ComboFix.exe

ADS - Windows: deleted 192 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\Mike\LOCALS~1\Temp\b01d42a6-0948-4bd0-8dea-54d68f50a791\CliSecureRT.dll
C:\Documents and Settings\Mike\Local Settings\Temp\b01d42a6-0948-4bd0-8dea-54d68f50a791\CliSecureRT.dll
C:\Documents and Settings\Mike\WINDOWS
C:\Program Files\Windows Media Player\1.txt
C:\Program Files\Windows Media Player\2.txt
C:\Windows\d.ini
C:\Windows\IsUn0405.exe
C:\Windows\iun6002.exe
C:\Windows\pkunzip.pif
C:\Windows\pkzip.pif
C:\Windows\system32\muzapp.exe
C:\Windows\system32\scrnrdr.exe
C:\Windows\system32\system32
C:\Windows\system32\system32\3DAudio.ax
C:\Windows\system32\system32\avrt.dll
C:\Windows\system32\system32\cis-2.4.dll
C:\Windows\system32\system32\issacapi_bs-2.3.dll
C:\Windows\system32\system32\issacapi_pe-2.3.dll
C:\Windows\system32\system32\issacapi_se-2.3.dll
C:\Windows\system32\system32\MACXMLProto.dll
C:\Windows\system32\system32\MaDRM.dll
C:\Windows\system32\system32\MaJGUILib.dll
C:\Windows\system32\system32\MaJUtilLib.dll
C:\Windows\system32\system32\MAMACExtract.dll
C:\Windows\system32\system32\MASetupCaller.dll
C:\Windows\system32\system32\MASetupCleaner.exe
C:\Windows\system32\system32\MaXMLProto.dll
C:\Windows\system32\system32\MetaStore2.dll
C:\Windows\system32\system32\mfplat.dll
C:\Windows\system32\system32\Microsoft.Synchronization.dll
C:\Windows\system32\system32\MK_Lyric.dll
C:\Windows\system32\system32\MSCLib.dll
C:\Windows\system32\system32\MSFLib.dll
C:\Windows\system32\system32\MSLUR71.dll
C:\Windows\system32\system32\msvcp60.dll
C:\Windows\system32\system32\MTTELECHIP.dll
C:\Windows\system32\system32\MTXSYNCICON.dll
C:\Windows\system32\system32\muzaf1.dll
C:\Windows\system32\system32\muzapp.dll
C:\Windows\system32\system32\muzapp.exe
C:\Windows\system32\system32\muzdecode.ax
C:\Windows\system32\system32\muzeffect.ax
C:\Windows\system32\system32\muzmp4sp.ax
C:\Windows\system32\system32\muzmpgsp.ax
C:\Windows\system32\system32\muzoggsp.ax
C:\Windows\system32\system32\muzwmts.dll
C:\Windows\system32\system32\psapi.dll
C:\Windows\system32\system32\Synchronization2.dll
C:\Windows\system32\VIRepair
C:\Windows\system32\VIRepair\vi.sif
C:\Windows\UA000019.DLL
D:\install.exe


((((((((((((((((((((((((( Soubory vytvořené od 2011-10-24 do 2011-11-24 )))))))))))))))))))))))))))))))


.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))



------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.

[-] 2008-04-14 06:52:24 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\Windows\explorer.exe
[7] 2008-04-14 06:52:24 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\Windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 13:23:39 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] . . C:\Windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 13:11:59 . 9B32416BD5988C97B6397CE0B02CAF97 . 1033728 . . [6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)] . . C:\Windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

[-] 2008-04-14 06:52:44 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\Windows\regedit.exe
[7] 2008-04-14 06:52:44 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\Windows\ServicePackFiles\i386\regedit.exe
[7] 2004-08-18 20:00:00 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\Windows\$NtServicePackUninstall$\regedit.exe

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49:38 176936 ----a-w- C:\Program Files\uTorrentBar\prxtbuTo2.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 11:58:52 495616]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 14:07:20 2260480]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 15:50:20 1289000]
"Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe" [2011-07-18 15:00:10 3077528]
"KiesPDLR"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-06-24 06:54:46 20880]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-11-16 21:01:42 4617600]
"Steam"="C:\Program Files\Steam\steam.exe" [2011-11-20 14:37:34 1242448]
"Uniblue ProcessQuickLink 2"="C:\Program Files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe" [2008-04-02 08:50:28 655640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 00:48:00 16208384]
"SkyTel"="SkyTel.EXE" [2006-05-16 02:04:26 2879488]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 20:00:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 20:00:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 20:00:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 20:00:00 455168]
"AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2006-08-11 15:14:28 110592]
"PCMService"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [2006-07-26 20:42:56 143360]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 04:03:58 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 09:58:18 86960]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 05:42:51 36272]
"Nikon Transfer Monitor"="C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 14:58:46 479232]
"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-06-27 09:25:10 500208]
"Nikon Message Center 2"="C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 17:16:16 619008]
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe" [2010-12-08 19:17:46 1226608]
"Free PDF Print Dispatcher"="C:\Program Files\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe" [2010-01-15 14:51:04 25600]
"Olympus ib"="C:\Program Files\Olympus\ib\olycamdetect.exe" [2011-03-11 14:17:30 93360]
"MDS_Menu"="C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2010-07-01 10:43:42 220336]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 13:57:24 153136]
"TkBellExe"="C:\program files\real\realplayer\update\realsched.exe" [2011-06-18 16:29:21 273544]
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 05:22:28 59240]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 11:06:06 254696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2011-11-12 23:24:58 421736]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2011-10-24 13:28:52 421888]
"NvMediaCenter"="NvMCTray.dll" [2011-10-08 04:50:00 203072]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2011-10-08 04:50:00 16744256]
"nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 04:50:00 1632360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 06:52:18 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 745472]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 00:02:18 113024]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54:14 551296 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"C:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Documents and Settings\\Mike\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\Samsung\\Intelli-studio\\iStudio.exe"=
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\TmUnitedForever\\TmForever.exe"=
"C:\\Documents and Settings\\Mike\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"C:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite (Eval) 2012\\RpcAgentSrv.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite (Eval) 2012\\WNt500x86\\RpcSandraSrv.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"C:\\Program Files\\Steam\\Steam.exe"=
"C:\\Program Files\\Steam\\steamapps\\common\\might and magic clash of heroes\\ClashOfHeroes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"18285:TCP"= 18285:TCP:BitComet 18285 TCP
"18285:UDP"= 18285:UDP:BitComet 18285 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"58890:TCP"= 58890:TCP:Pando Media Booster
"58890:UDP"= 58890:UDP:Pando Media Booster

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [6.12.2005 16:11:18 35328]
R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [8.1.2007 22:21:55 715248]
R0 vax347b;vax347b;C:\WINDOWS\system32\drivers\vax347b.sys [10.2.2008 21:52:34 159616]
R0 vax347s;vax347s;C:\WINDOWS\system32\drivers\vax347s.sys [10.2.2008 21:52:34 5248]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [23.11.2011 2:35:37 17904]
R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [9.1.2007 23:13:55 12856]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 17:27:02 12880]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 22:55:22 67664]
R1 UsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\system32\drivers\UsbFltr.sys [9.1.2007 23:13:51 8576]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore.exe [12.8.2011 0:38:07 116608]
R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;C:\Program Files\Emsisoft Anti-Malware\a2service.exe [23.11.2011 2:35:36 2996784]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [12.12.2010 0:45:16 217088]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\WINDOWS\system32\nlssrv32.exe [21.2.2011 22:17:32 66560]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [20.11.2011 11:07:43 2253120]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [12.12.2010 0:45:16 36640]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16:28 753504]
S0 SMR210;Symantec SMR Utility Service 2.1.0;C:\Windows\system32\drivers\SMR210.SYS --> C:\Windows\system32\drivers\SMR210.SYS [?]
S0 wygtuxv;wygtuxv;C:\Windows\system32\drivers\aplqjx.sys --> C:\Windows\system32\drivers\aplqjx.sys [?]
S1 ethpoiwr;ethpoiwr; [x]
S2 Application Updater;Application Updater;"C:\Program Files\Application Updater\ApplicationUpdater.exe" --> C:\Program Files\Application Updater\ApplicationUpdater.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16:28 130384]
S2 gupdate;Služba Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2.3.2011 9:05:59 136176]
S2 kydqbuvk;kydqbuvk;\??\C:\WINDOWS\system32\drivers\ddvdseooc.sys --> C:\WINDOWS\system32\drivers\ddvdseooc.sys [?]
S2 PCSpeedUpService;PCSpeedUp Service;"C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe" --> C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe [?]
S3 AMDMSRIO;AMDMSRIO;\??\C:\DOCUME~1\Mike\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys --> C:\DOCUME~1\Mike\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys [?]
S3 cpuz130;cpuz130;\??\C:\DOCUME~1\Mike\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> C:\DOCUME~1\Mike\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys [16.3.2011 12:48:16 20032]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [2.3.2011 9:05:59 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\C:\Windows\system32\drivers\mbamswissarmy.sys --> C:\Windows\system32\drivers\mbamswissarmy.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\system32\GameMon.des -service --> C:\WINDOWS\system32\GameMon.des -service [?]
S3 pcouffin;VSO Software pcouffin;C:\WINDOWS\system32\drivers\pcouffin.sys [11.5.2007 8:57:21 47360]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);C:\WINDOWS\system32\drivers\s0016bus.sys [12.12.2010 20:13:31 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;C:\WINDOWS\system32\drivers\s0016mdfl.sys [12.12.2010 20:13:32 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;C:\WINDOWS\system32\drivers\s0016mdm.sys [12.12.2010 20:13:32 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\drivers\s0016mgmt.sys [12.12.2010 20:13:39 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);C:\WINDOWS\system32\drivers\s0016nd5.sys [12.12.2010 20:13:34 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;C:\WINDOWS\system32\drivers\s0016obex.sys [12.12.2010 20:13:36 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);C:\WINDOWS\system32\drivers\s0016unic.sys [12.12.2010 20:13:41 115752]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Eval) 2012\RpcAgentSrv.exe [19.11.2011 11:28:16 93848]
S3 SwitchBoard;SwitchBoard;"C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" --> C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [?]
S3 TrueSight;TrueSight;\??\c:\windows\system32\drivers\TrueSight.sys --> c:\windows\system32\drivers\TrueSight.sys [?]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - A2DDA

Obsah adresáře 'Naplánované úlohy'

2011-11-22 C:\Windows\Tasks\AdobeAAMUpdater-1.0-ACER-64B9BF4930-Mike.job
- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-06-27 09:26:29 . 2010-06-27 09:25:10]

2011-11-18 C:\Windows\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57:16 . 2011-06-01 15:57:16]

2011-11-24 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-02 08:05:59 . 2010-10-13 22:19:04]

2011-11-24 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-02 08:05:59 . 2010-10-13 22:19:04]

2011-11-24 C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1509661768-2596670817-2537616161-1006.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]

2011-11-24 C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1509661768-2596670817-2537616161-500.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]

2011-11-24 C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1509661768-2596670817-2537616161-1006.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]

2011-11-24 C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1509661768-2596670817-2537616161-500.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]


------- Doplňkový sken -------

uInternet Settings,ProxyOverride = ;*.local;<local>
TCP: DhcpNameServer = 192.168.1.1
DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} - hxxp://software.seznam.cz/listicka/toolbar.cab
FF - ProfilePath - C:\Documents and Settings\Mike\Data aplikací\Mozilla\Firefox\Profiles\bjzck3b9.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - user.js: extentions.y2layers.installId - b90a585a-9777-4b09-a3bc-32025a835298
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,BestVideoDownloader,

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{998A3C0C-8914-4D2A-AE36-BFA2E5AE6D5D} - (no file)
BHO-{B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll
HKLM-Run-SMail - C:\Program Files\Seznam\Postak\Postak.exe
HKLM-Run-PC-Checkup - C:\Program Files\Speeditup Free\PCCheckUp\PCCheckUp.exe
HKLM-Run-Adobe ARM - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
HKLM-Run-SwitchBoard - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM-Run-AdobeCS5ServiceManager - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
HKLM-Run-eRecoveryService - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
ShellExecuteHooks-{097F10A7-487F-4457-AB1F-827C59479A72} - (no file)
Notify-AtiExtEvent - (no file)
Notify-WgaLogon - (no file)
AddRemove-3FA1705966809259F916AF817C59B4F389F4572C - C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe
AddRemove-Cool's_Codec_pack_4.12 - C:\WINDOWS\iun6002.exe
AddRemove-Fairies - C:\Program Files\Bigfish\Fairies\Uninstall.exe
AddRemove-Media Key - C:\Program Files\Media Key\uninst.isu
AddRemove-NVIDIA Display Control Panel - C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe
AddRemove-PunkBusterSvc - C:\Program Files\EA Games\Battlefield Play4Free\pbsvc_p4f.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - C:\Documents and Settings\All Users\Data aplikací\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - C:\DOCUME~1\ALLUSE~1\DATAAP~1\TARMAI~1\{889DF~1\Setup.exe
AddRemove-01_Simmental - C:\Program Files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - C:\Program Files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - C:\Program Files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - C:\Program Files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - C:\Program Files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - C:\Program Files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - C:\Program Files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - C:\Program Files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - C:\Program Files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - C:\Program Files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - C:\Program Files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - C:\Program Files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - C:\Program Files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - C:\Program Files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - C:\Program Files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - C:\Program Files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - C:\Program Files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - C:\Program Files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - C:\Program Files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - C:\Program Files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - C:\Program Files\Samsung\USB Drivers\25_escape\Uninstall.exe

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Stubborn malware in the system with many symptoms - please chec

#9 Post by motji »

You've got quite a lot in there :arcisit: .

:arrow: If you haven't already, move Combofix to the desktop
- open Notepad
- copy the text from this box into it

Code:

KillAll::

Driver::
ethpoiwr
wygtuxv
kydqbuvk
AMDMSRIO

File::
C:\Windows\system32\drivers\aplqjx.sys 
C:\WINDOWS\system32\drivers\ddvdseooc.sys
C:\DOCUME~1\Mike\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys
- save the TXT file you created to the desktop as CFScript.txt
- after saving, grab the script you created with the left mouse button and drag it over the Combofix icon, where you drop it
- after it has been applied, another log will pop up; paste it here

Warning: it may happen that after the script is applied and the machine restarts, Windows will not boot; in that case restart again while pressing F8, then choose Last Known Good Configuration
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.

W.Mia
Visitor
Posts: 42
Joined: 24 Nov 2011 08:29

Re: Stubborn malware in the system with many symptoms - please chec

#10 Post by W.Mia »

motji wrote:You've got quite a lot in there :arcisit: .

:arrow: If you haven't already, move Combofix to the desktop
- open Notepad
- copy the text from this box into it

Code:

KillAll::

Driver::
ethpoiwr
wygtuxv
kydqbuvk
AMDMSRIO

File::
C:\Windows\system32\drivers\aplqjx.sys 
C:\WINDOWS\system32\drivers\ddvdseooc.sys
C:\DOCUME~1\Mike\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys
- save the TXT file you created to the desktop as CFScript.txt
- after saving, grab the script you created with the left mouse button and drag it over the Combofix icon, where you drop it
- after it has been applied, another log will pop up; paste it here

Warning: it may happen that after the script is applied and the machine restarts, Windows will not boot; in that case restart again while pressing F8, then choose Last Known Good Configuration

Done.

The issue with the unrecognized SCSI/RAID hardware is still happening.

ComboFix 11-11-25.02 - Mike 25.11.2011 22:49:03.2.1 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2815.2281 [GMT 1:00]
Spuštěný z: C:\Documents and Settings\Mike\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Mike\Plocha\CFScript.txt

FILE ::
"C:\DOCUME~1\Mike\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys"
"C:\Windows\system32\drivers\aplqjx.sys"
"C:\WINDOWS\system32\drivers\ddvdseooc.sys"

ADS - Windows: deleted 0 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


---- Předchozí spuštění -------

C:\DOCUME~1\Mike\LOCALS~1\Temp\b01d42a6-0948-4bd0-8dea-54d68f50a791\CliSecureRT.dll
C:\Documents and Settings\Mike\Local Settings\Temp\b01d42a6-0948-4bd0-8dea-54d68f50a791\CliSecureRT.dll
C:\Program Files\Windows Media Player\1.txt
C:\Program Files\Windows Media Player\2.txt
C:\Windows\d.ini
C:\Windows\IsUn0405.exe
C:\Windows\iun6002.exe
C:\Windows\pkunzip.pif
C:\Windows\pkzip.pif
C:\Windows\system32\muzapp.exe
C:\Windows\system32\scrnrdr.exe
C:\Windows\system32\system32\3DAudio.ax
C:\Windows\system32\system32\avrt.dll
C:\Windows\system32\system32\cis-2.4.dll
C:\Windows\system32\system32\issacapi_bs-2.3.dll
C:\Windows\system32\system32\issacapi_pe-2.3.dll
C:\Windows\system32\system32\issacapi_se-2.3.dll
C:\Windows\system32\system32\MACXMLProto.dll
C:\Windows\system32\system32\MaDRM.dll
C:\Windows\system32\system32\MaJGUILib.dll
C:\Windows\system32\system32\MaJUtilLib.dll
C:\Windows\system32\system32\MAMACExtract.dll
C:\Windows\system32\system32\MASetupCaller.dll
C:\Windows\system32\system32\MASetupCleaner.exe
C:\Windows\system32\system32\MaXMLProto.dll
C:\Windows\system32\system32\MetaStore2.dll
C:\Windows\system32\system32\mfplat.dll
C:\Windows\system32\system32\Microsoft.Synchronization.dll
C:\Windows\system32\system32\MK_Lyric.dll
C:\Windows\system32\system32\MSCLib.dll
C:\Windows\system32\system32\MSFLib.dll
C:\Windows\system32\system32\MSLUR71.dll
C:\Windows\system32\system32\msvcp60.dll
C:\Windows\system32\system32\MTTELECHIP.dll
C:\Windows\system32\system32\MTXSYNCICON.dll
C:\Windows\system32\system32\muzaf1.dll
C:\Windows\system32\system32\muzapp.dll
C:\Windows\system32\system32\muzapp.exe
C:\Windows\system32\system32\muzdecode.ax
C:\Windows\system32\system32\muzeffect.ax
C:\Windows\system32\system32\muzmp4sp.ax
C:\Windows\system32\system32\muzmpgsp.ax
C:\Windows\system32\system32\muzoggsp.ax
C:\Windows\system32\system32\muzwmts.dll
C:\Windows\system32\system32\psapi.dll
C:\Windows\system32\system32\Synchronization2.dll
C:\Windows\system32\VIRepair\vi.sif
C:\Windows\UA000019.DLL
D:\install.exe


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AMDMSRIO
-------\Legacy_KYDQBUVK
-------\Service_AMDMSRIO
-------\Service_ethpoiwr
-------\Service_kydqbuvk
-------\Service_wygtuxv


((((((((((((((((((((((((( Soubory vytvořené od 2011-10-25 do 2011-11-25 )))))))))))))))))))))))))))))))


2011-11-25 21:59:24 . 2011-11-25 21:59:24 56200 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{AB89C914-27CB-44F4-8090-19AD4255F1ED}\offreg.dll
2011-11-25 20:56:41 . 2011-10-18 00:28:06 6668624 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{AB89C914-27CB-44F4-8090-19AD4255F1ED}\mpengine.dll
2011-11-24 14:43:58 . 2011-10-18 00:28:06 6668624 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-11-24 14:43:54 . 2011-05-24 17:14:10 222080 ------w- C:\Windows\system32\MpSigStub.exe
2011-11-24 14:41:45 . 2011-11-24 14:41:45 -------- d-----w- C:\Program Files\Windows Defender
2011-11-24 13:12:37 . 2011-11-24 13:12:37 -------- d-----w- C:\TDSSKiller_Quarantine
2011-11-24 11:07:29 . 2011-11-24 11:07:37 -------- dc-h--w- C:\Windows\ie8
2011-11-24 09:46:06 . 2011-11-24 09:46:06 -------- d-----w- C:\Windows\system32\drivers\NIS
2011-11-24 09:10:10 . 2011-11-24 09:15:39 -------- d-----w- C:\Documents and Settings\Mike\Local Settings\Data aplikací\NPE
2011-11-24 07:21:38 . 2011-11-24 07:27:34 -------- d-----w- C:\rsit
2011-11-24 07:21:38 . 2011-11-24 07:25:58 -------- d-----w- C:\Program Files\trend micro
2011-11-23 21:37:44 . 2011-11-23 21:37:44 -------- d-----w- C:\Windows\system32\drivers\NAV
2011-11-23 14:27:39 . 2011-11-23 14:27:39 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\PCSettings
2011-11-23 14:17:30 . 2011-11-24 11:10:38 -------- d-----w- C:\Documents and Settings\Administrator
2011-11-23 13:41:07 . 2011-11-23 13:41:07 -------- d-----w- C:\Program Files\Windows Sidebar
2011-11-23 11:33:11 . 2011-11-23 11:33:11 -------- d-----w- C:\Documents and Settings\Mike\Data aplikací\EurekaLog
2011-11-23 02:05:54 . 2011-11-23 02:05:54 -------- d-----w- C:\Documents and Settings\Mike\Data aplikací\Uniblue
2011-11-23 02:05:51 . 2011-11-24 15:07:35 -------- d-----w- C:\Program Files\Uniblue
2011-11-23 02:05:45 . 2011-11-23 02:05:45 -------- d-----w- C:\Documents and Settings\Mike\Local Settings\Data aplikací\PackageAware
2011-11-23 01:40:26 . 2011-11-23 01:40:26 -------- d-----w- C:\RRTVAULT
2011-11-23 01:35:35 . 2011-11-25 00:09:54 -------- d-----w- C:\Program Files\Emsisoft Anti-Malware
2011-11-21 20:19:30 . 2011-11-21 20:19:30 -------- d-----w- C:\Documents and Settings\Mike\Data aplikací\Malwarebytes
2011-11-21 20:19:27 . 2011-11-21 20:19:27 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-11-21 20:07:00 . 2011-11-21 20:07:00 -------- d-----w- C:\Documents and Settings\Mike\Data aplikací\QuickScan
2011-11-20 21:19:52 . 2011-11-20 21:20:06 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Media Get LLC
2011-11-20 14:37:04 . 2011-11-20 14:37:04 -------- d-----w- C:\Program Files\Common Files\Steam
2011-11-20 14:37:04 . 2011-11-20 14:37:04 -------- d-----w- C:\Documents and Settings\All Users\Nabdka Start
2011-11-20 14:37:01 . 2011-11-25 21:45:18 -------- d-----w- C:\Program Files\Steam
2011-11-20 10:43:25 . 2011-11-20 10:43:25 -------- d-----w- C:\Documents and Settings\Mike\Data aplikací\NVIDIA
2011-11-20 10:07:46 . 2011-11-20 10:07:48 -------- d-----w- C:\Documents and Settings\UpdatusUser
2011-11-20 10:07:25 . 2011-10-08 04:50:00 602432 ----a-w- C:\Windows\system32\easyupdatusapiu.dll
2011-11-20 10:07:13 . 2011-11-20 10:07:17 285176 ----a-w- C:\Windows\system32\nvdrsdb0.bin
2011-11-20 10:07:13 . 2011-11-20 10:07:17 1 ----a-w- C:\Windows\system32\nvdrssel.bin
2011-11-20 10:07:13 . 2011-11-20 10:07:13 285176 ----a-w- C:\Windows\system32\nvdrsdb1.bin
2011-11-20 10:05:55 . 2011-10-08 04:50:00 877376 ----a-w- C:\Windows\system32\nvgenco32.dll
2011-11-20 10:05:54 . 2011-10-08 04:50:00 919872 ----a-w- C:\Windows\system32\nvdispco32.dll
2011-11-20 09:54:32 . 2011-11-20 16:29:13 -------- d-----w- C:\ATI
2011-11-19 10:30:09 . 2010-06-02 03:55:30 74072 ----a-w- C:\Windows\system32\XAPOFX1_5.dll
2011-11-19 10:30:09 . 2010-06-02 03:55:30 527192 ----a-w- C:\Windows\system32\XAudio2_7.dll
2011-11-19 10:30:08 . 2010-06-02 03:55:30 239960 ----a-w- C:\Windows\system32\xactengine3_7.dll
2011-11-19 10:30:07 . 2010-05-26 10:41:02 2106216 ----a-w- C:\Windows\system32\D3DCompiler_43.dll
2011-11-19 10:30:07 . 2010-05-26 10:41:02 1868128 ----a-w- C:\Windows\system32\d3dcsx_43.dll
2011-11-19 10:30:06 . 2010-05-26 10:41:02 470880 ----a-w- C:\Windows\system32\d3dx10_43.dll
2011-11-19 10:30:06 . 2010-05-26 10:41:02 248672 ----a-w- C:\Windows\system32\d3dx11_43.dll
2011-11-19 10:30:05 . 2010-05-26 10:41:02 1998168 ----a-w- C:\Windows\system32\D3DX9_43.dll
2011-11-19 10:10:17 . 2011-11-19 10:10:17 0 ----a-w- C:\Documents and Settings\All Users\Data aplikací\xml65E.tmp
2011-11-19 10:10:11 . 2011-11-19 10:10:11 0 ----a-w- C:\Documents and Settings\All Users\Data aplikací\xml65D.tmp
2011-11-19 10:10:10 . 2011-11-19 10:10:11 13661 ----a-w- C:\Documents and Settings\All Users\Data aplikací\xml65C.tmp
2011-11-19 10:10:08 . 2011-11-19 10:10:10 7240 ----a-w- C:\Documents and Settings\All Users\Data aplikací\xml65B.tmp
2011-11-18 19:28:56 . 2011-11-18 19:28:56 -------- d-----w- C:\Program Files\iPod
2011-11-18 19:28:49 . 2011-11-18 19:30:25 -------- d-----w- C:\Program Files\iTunes
2011-11-02 21:37:33 . 2011-11-02 21:37:33 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\SUPERSetup
2011-10-27 07:33:04 . 2011-10-27 07:33:04 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Vocals
2011-10-27 07:31:21 . 2011-10-27 07:31:21 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\business-inkjet
2011-10-27 07:31:20 . 2011-10-27 07:31:20 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Tuner
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-10-27 07:34:24 . 2010-06-19 18:17:06 57344 ----a-r- C:\Documents and Settings\Mike\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2011-10-27 07:29:12 . 2006-07-11 16:07:30 106496 ----a-w- C:\Windows\system32\ATL71.DLL
2011-10-24 13:29:02 . 2011-10-24 13:29:02 94208 ----a-w- C:\Windows\system32\QuickTimeVR.qtx
2011-10-24 13:29:02 . 2011-10-24 13:29:02 69632 ----a-w- C:\Windows\system32\QuickTime.qts
2011-10-10 14:22:49 . 2006-03-17 09:13:16 692736 ----a-w- C:\Windows\system32\inetcomm.dll
2011-10-08 21:48:57 . 2011-05-23 18:40:01 414368 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
2011-10-08 04:50:00 . 2010-04-03 20:55:32 65536 ----a-w- C:\Windows\system32\OpenCL.dll
2011-10-08 04:50:00 . 2010-04-03 20:55:32 5595136 ----a-w- C:\Windows\system32\nvcuda.dll
2011-10-08 04:50:00 . 2010-04-03 20:55:32 2398016 ----a-w- C:\Windows\system32\nvcuvid.dll
2011-10-08 04:50:00 . 2010-04-03 20:55:32 2099520 ----a-w- C:\Windows\system32\nvcuvenc.dll
2011-10-08 04:50:00 . 2010-04-03 20:55:32 17240064 ----a-w- C:\Windows\system32\nvcompiler.dll
2011-10-08 04:50:00 . 2010-04-03 17:23:16 298304 ----a-w- C:\Windows\system32\nvsvc32.exe
2011-10-08 04:50:00 . 2010-04-03 17:23:16 220992 ----a-w- C:\Windows\system32\nvcolor.exe
2011-10-08 04:50:00 . 2010-04-03 17:23:16 203072 ----a-w- C:\Windows\system32\nvmctray.dll
2011-10-08 04:50:00 . 2010-04-03 17:23:16 16744256 ----a-w- C:\Windows\system32\nvcpl.dll
2011-10-08 04:50:00 . 2010-04-03 17:22:54 54272 ----a-w- C:\Windows\system32\nvwddi.dll
2011-10-08 04:50:00 . 2006-07-11 22:19:00 4226688 ----a-w- C:\Windows\system32\nv4_disp.dll
2011-10-08 04:50:00 . 2006-07-11 22:19:00 2449408 ----a-w- C:\Windows\system32\nvapi.dll
2011-10-08 04:50:00 . 2006-07-11 22:19:00 17956864 ----a-w- C:\Windows\system32\nvoglnt.dll
2011-10-08 04:50:00 . 2006-07-11 22:19:00 12791488 ----a-w- C:\Windows\system32\drivers\nv4_mini.sys
2011-10-03 03:06:03 . 2010-05-21 08:44:41 472808 ----a-w- C:\Windows\system32\deployJava1.dll
2011-10-03 00:37:52 . 2010-10-25 17:20:23 73728 ----a-w- C:\Windows\system32\javacpl.cpl
2011-09-28 07:06:47 . 2004-08-18 20:00:00 602112 ----a-w- C:\Windows\system32\crypt32.dll
2011-09-26 09:41:42 . 2007-10-09 12:03:08 613376 ----a-w- C:\Windows\system32\uiautomationcore.dll
2011-09-26 09:41:42 . 2004-08-18 20:00:00 22528 ----a-w- C:\Windows\system32\oleaccrc.dll
2011-09-26 09:41:20 . 2004-08-18 20:00:00 220160 ----a-w- C:\Windows\system32\oleacc.dll
2011-09-23 17:15:36 . 2011-09-23 17:15:36 161280 ----a-w- C:\Windows\system32\fmod.dll
2011-09-23 17:15:35 . 2011-09-23 17:15:35 1008128 ----a-w- C:\Windows\system32\The Matrix Trilogy.scr
2011-09-06 14:10:02 . 2005-10-06 03:10:28 1858944 ----a-w- C:\Windows\system32\win32k.sys
2011-08-30 21:05:04 . 2011-08-30 21:05:04 83816 ----a-w- C:\Windows\system32\dns-sd.exe
2011-08-30 21:05:04 . 2011-08-30 21:05:04 73064 ----a-w- C:\Windows\system32\dnssd.dll
2011-08-30 21:05:04 . 2011-08-30 21:05:04 50536 ----a-w- C:\Windows\system32\jdns_sd.dll
2011-08-30 21:05:04 . 2011-08-30 21:05:04 178536 ----a-w- C:\Windows\system32\dnssdX.dll
2010-09-27 15:24:31 . 2010-09-27 15:24:50 774144 -c--a-w- C:\Program Files\RngInterstitial.dll
2011-11-09 08:30:43 . 2011-03-27 22:07:37 134104 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll
2011-04-13 18:16:16 39289424 --sh--w- C:\Windows\setupa.exe


------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.

[-] 2008-04-14 06:52:24 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\Windows\explorer.exe
[7] 2008-04-14 06:52:24 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\Windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 13:23:39 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] . . C:\Windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 13:11:59 . 9B32416BD5988C97B6397CE0B02CAF97 . 1033728 . . [6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)] . . C:\Windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

[-] 2008-04-14 06:52:44 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\Windows\regedit.exe
[7] 2008-04-14 06:52:44 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\Windows\ServicePackFiles\i386\regedit.exe
[7] 2004-08-18 20:00:00 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\Windows\$NtServicePackUninstall$\regedit.exe

((((((((((((((((((((((((((((( SnapShot@2011-11-24_14.21.38 )))))))))))))))))))))))))))))))))))))))))

- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 51008 C:\Windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 51008 C:\Windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 59728 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 59728 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 42832 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 42832 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 43344 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 43344 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 61264 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 61264 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 36688 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 36688 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 35648 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 35648 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 62800 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 62800 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 61760 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 61760 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 61776 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 61776 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 53568 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 53568 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 63296 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 63296 C:\Windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
- 2009-07-11 22:05:16 . 2009-07-11 22:05:16 59904 C:\Windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 23:05:16 . 2009-07-11 23:05:16 59904 C:\Windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
- 2009-07-11 22:05:16 . 2009-07-11 22:05:16 59904 C:\Windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2009-07-11 23:05:16 . 2009-07-11 23:05:16 59904 C:\Windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2011-11-25 21:59:40 . 2011-11-25 21:59:40 16384 C:\Windows\temp\Perflib_Perfdata_774.dat
+ 2006-03-04 04:01:26 . 2011-08-22 23:41:24 66560 C:\Windows\system32\mshtmled.dll
- 2006-03-04 04:01:26 . 2009-03-08 03:31:26 66560 C:\Windows\system32\mshtmled.dll
+ 2009-03-08 03:31:52 . 2011-08-22 23:41:23 55296 C:\Windows\system32\msfeedsbs.dll
- 2009-03-08 03:31:52 . 2009-03-08 03:31:52 55296 C:\Windows\system32\msfeedsbs.dll
+ 2004-08-18 20:00:00 . 2011-08-22 23:41:23 43520 C:\Windows\system32\licmgr10.dll
- 2004-08-18 20:00:00 . 2009-03-08 03:33:26 25600 C:\Windows\system32\jsproxy.dll
+ 2004-08-18 20:00:00 . 2011-08-22 23:41:23 25600 C:\Windows\system32\jsproxy.dll
- 2006-03-04 04:01:26 . 2009-03-08 03:31:26 66560 C:\Windows\system32\dllcache\mshtmled.dll
+ 2006-03-04 04:01:26 . 2011-08-22 23:41:24 66560 C:\Windows\system32\dllcache\mshtmled.dll
- 2007-06-27 14:09:21 . 2009-03-08 03:31:52 55296 C:\Windows\system32\dllcache\msfeedsbs.dll
+ 2007-06-27 14:09:21 . 2011-08-22 23:41:23 55296 C:\Windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-18 20:00:00 . 2011-08-22 23:41:23 43520 C:\Windows\system32\dllcache\licmgr10.dll
+ 2004-08-18 20:00:00 . 2011-08-22 23:41:23 25600 C:\Windows\system32\dllcache\jsproxy.dll
- 2004-08-18 20:00:00 . 2009-03-08 03:33:26 25600 C:\Windows\system32\dllcache\jsproxy.dll
+ 2011-11-25 00:09:29 . 2009-03-08 03:33:18 12288 C:\Windows\ie8updates\KB2586448-IE8\xpshims.dll
+ 2011-11-25 00:09:29 . 2010-07-05 13:13:24 18296 C:\Windows\ie8updates\KB2586448-IE8\spmsg.dll
+ 2011-11-25 00:09:29 . 2010-07-05 13:13:24 26488 C:\Windows\ie8updates\KB2586448-IE8\spcustom.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:31:26 66560 C:\Windows\ie8updates\KB2586448-IE8\mshtmled.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:31:52 55296 C:\Windows\ie8updates\KB2586448-IE8\msfeedsbs.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:34:30 43008 C:\Windows\ie8updates\KB2586448-IE8\licmgr10.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:33:26 25600 C:\Windows\ie8updates\KB2586448-IE8\jsproxy.dll
+ 2011-11-24 23:00:53 . 2010-07-05 13:13:24 18296 C:\Windows\ie8updates\KB2544521-IE8\spmsg.dll
+ 2011-11-24 23:00:53 . 2010-07-05 13:13:24 26488 C:\Windows\ie8updates\KB2544521-IE8\spcustom.dll
+ 2011-11-24 23:01:10 . 2010-07-05 13:13:24 18296 C:\Windows\ie8updates\KB2510531-IE8\spmsg.dll
+ 2011-11-24 23:01:10 . 2010-07-05 13:13:24 26488 C:\Windows\ie8updates\KB2510531-IE8\spcustom.dll
+ 2009-07-11 23:02:02 . 2009-07-11 23:02:02 653120 C:\Windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
- 2009-07-11 22:02:02 . 2009-07-11 22:02:02 653120 C:\Windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 569664 C:\Windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 569664 C:\Windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 23:05:16 . 2009-07-11 23:05:16 225280 C:\Windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
- 2009-07-11 22:05:16 . 2009-07-11 22:05:16 225280 C:\Windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
- 2009-07-11 22:02:00 . 2009-07-11 22:02:00 159032 C:\Windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2009-07-11 23:02:00 . 2009-07-11 23:02:00 159032 C:\Windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2006-03-04 04:01:28 . 2011-08-22 23:41:24 916480 C:\Windows\system32\wininet.dll
+ 2004-08-18 20:00:00 . 2011-03-04 06:36:57 420864 C:\Windows\system32\vbscript.dll
+ 2004-08-18 20:00:00 . 2011-08-22 23:41:24 105984 C:\Windows\system32\url.dll
- 2004-08-18 20:00:00 . 2009-03-08 03:34:28 105984 C:\Windows\system32\url.dll
+ 2004-08-18 20:00:00 . 2011-08-22 23:41:24 206848 C:\Windows\system32\occache.dll
+ 2006-03-04 04:01:26 . 2011-08-22 23:41:24 611840 C:\Windows\system32\mstime.dll
- 2006-03-04 04:01:26 . 2009-03-08 03:32:04 611840 C:\Windows\system32\mstime.dll
+ 2009-03-08 03:32:26 . 2011-08-22 23:41:23 602112 C:\Windows\system32\msfeeds.dll
- 2004-08-18 20:00:00 . 2009-03-08 03:33:16 726528 C:\Windows\system32\jscript.dll
+ 2004-08-18 20:00:00 . 2011-03-04 06:36:57 726528 C:\Windows\system32\jscript.dll
+ 2006-03-04 04:01:24 . 2011-08-22 23:41:23 184320 C:\Windows\system32\iepeers.dll
+ 2004-08-18 20:00:00 . 2011-08-22 23:41:22 387584 C:\Windows\system32\iedkcs32.dll
+ 2004-08-18 20:00:00 . 2011-08-22 11:56:56 174080 C:\Windows\system32\ie4uinit.exe
+ 2006-03-04 04:01:28 . 2011-08-22 23:41:24 916480 C:\Windows\system32\dllcache\wininet.dll
+ 2004-08-18 20:00:00 . 2011-04-30 03:00:49 758784 C:\Windows\system32\dllcache\vgx.dll
+ 2008-05-09 10:56:13 . 2011-03-04 06:36:57 420864 C:\Windows\system32\dllcache\vbscript.dll
- 2004-08-18 20:00:00 . 2009-03-08 03:34:28 105984 C:\Windows\system32\dllcache\url.dll
+ 2004-08-18 20:00:00 . 2011-08-22 23:41:24 105984 C:\Windows\system32\dllcache\url.dll
+ 2004-08-18 20:00:00 . 2011-08-22 23:41:24 206848 C:\Windows\system32\dllcache\occache.dll
+ 2006-03-04 04:01:26 . 2011-08-22 23:41:24 611840 C:\Windows\system32\dllcache\mstime.dll
- 2006-03-04 04:01:26 . 2009-03-08 03:32:04 611840 C:\Windows\system32\dllcache\mstime.dll
+ 2007-06-27 14:09:21 . 2011-08-22 23:41:23 602112 C:\Windows\system32\dllcache\msfeeds.dll
+ 2008-05-09 10:56:13 . 2011-03-04 06:36:57 726528 C:\Windows\system32\dllcache\jscript.dll
- 2008-05-09 10:56:13 . 2009-03-08 03:33:16 726528 C:\Windows\system32\dllcache\jscript.dll
+ 2006-03-04 04:01:24 . 2011-08-22 23:41:23 184320 C:\Windows\system32\dllcache\iepeers.dll
+ 2004-08-18 20:00:00 . 2011-08-22 23:41:22 387584 C:\Windows\system32\dllcache\iedkcs32.dll
+ 2004-08-18 20:00:00 . 2011-08-22 11:56:56 174080 C:\Windows\system32\dllcache\ie4uinit.exe
+ 2011-11-25 00:09:28 . 2009-03-08 03:34:58 914944 C:\Windows\ie8updates\KB2586448-IE8\wininet.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:34:28 105984 C:\Windows\ie8updates\KB2586448-IE8\url.dll
+ 2011-11-25 00:09:29 . 2010-07-05 13:13:35 391032 C:\Windows\ie8updates\KB2586448-IE8\updspapi.dll
+ 2011-11-25 00:09:29 . 2010-07-05 13:13:27 759160 C:\Windows\ie8updates\KB2586448-IE8\update.exe
+ 2011-11-25 00:09:29 . 2010-07-05 13:13:35 391032 C:\Windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll
+ 2011-11-25 00:09:29 . 2010-07-05 13:13:24 233848 C:\Windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe
+ 2011-11-25 00:09:29 . 2010-07-05 13:13:24 233848 C:\Windows\ie8updates\KB2586448-IE8\spuninst.exe
+ 2011-11-25 00:09:28 . 2009-03-08 03:34:18 109568 C:\Windows\ie8updates\KB2586448-IE8\occache.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:32:04 611840 C:\Windows\ie8updates\KB2586448-IE8\mstime.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:32:26 594432 C:\Windows\ie8updates\KB2586448-IE8\msfeeds.dll
+ 2011-11-25 00:09:29 . 2009-03-08 03:33:50 246784 C:\Windows\ie8updates\KB2586448-IE8\ieproxy.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:31:56 183808 C:\Windows\ie8updates\KB2586448-IE8\iepeers.dll
+ 2011-11-25 00:09:29 . 2009-03-08 03:35:32 742912 C:\Windows\ie8updates\KB2586448-IE8\iedvtool.dll
+ 2011-11-25 00:09:29 . 2009-03-08 13:09:26 391536 C:\Windows\ie8updates\KB2586448-IE8\iedkcs32.dll
+ 2011-11-25 00:09:29 . 2009-03-08 03:32:54 173056 C:\Windows\ie8updates\KB2586448-IE8\ie4uinit.exe
+ 2011-11-24 23:00:53 . 2009-03-08 03:33:48 759296 C:\Windows\ie8updates\KB2544521-IE8\vgx.dll
+ 2011-11-24 23:00:53 . 2010-07-05 13:13:35 391032 C:\Windows\ie8updates\KB2544521-IE8\updspapi.dll
+ 2011-11-24 23:00:53 . 2010-07-05 13:13:27 759160 C:\Windows\ie8updates\KB2544521-IE8\update.exe
+ 2011-11-24 23:00:53 . 2010-07-05 13:13:35 391032 C:\Windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2011-11-24 23:00:54 . 2010-07-05 13:13:24 233848 C:\Windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2011-11-24 23:00:53 . 2010-07-05 13:13:24 233848 C:\Windows\ie8updates\KB2544521-IE8\spuninst.exe
+ 2011-11-24 23:01:10 . 2009-03-08 03:33:06 420352 C:\Windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2011-11-24 23:01:10 . 2010-07-05 13:13:35 391032 C:\Windows\ie8updates\KB2510531-IE8\updspapi.dll
+ 2011-11-24 23:01:10 . 2010-07-05 13:13:27 759160 C:\Windows\ie8updates\KB2510531-IE8\update.exe
+ 2011-11-24 23:01:10 . 2010-07-05 13:13:35 391032 C:\Windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2011-11-24 23:01:10 . 2010-07-05 13:13:24 233848 C:\Windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
+ 2011-11-24 23:01:10 . 2010-07-05 13:13:24 233848 C:\Windows\ie8updates\KB2510531-IE8\spuninst.exe
+ 2011-11-24 23:01:10 . 2009-03-08 03:33:16 726528 C:\Windows\ie8updates\KB2510531-IE8\jscript.dll
+ 2009-07-11 23:02:02 . 2009-07-11 23:02:02 3780424 C:\Windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
- 2009-07-11 22:02:02 . 2009-07-11 22:02:02 3780424 C:\Windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 23:02:02 . 2009-07-11 23:02:02 3765048 C:\Windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
- 2009-07-11 22:02:02 . 2009-07-11 22:02:02 3765048 C:\Windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2006-03-18 11:07:58 . 2011-08-22 23:41:24 1212416 C:\Windows\system32\urlmon.dll
+ 2006-03-23 20:30:22 . 2011-10-03 08:31:24 5971456 C:\Windows\system32\mshtml.dll
+ 2009-03-08 03:32:22 . 2011-08-22 23:41:23 2000384 C:\Windows\system32\iertutil.dll
+ 2006-03-18 11:07:58 . 2011-08-22 23:41:24 1212416 C:\Windows\system32\dllcache\urlmon.dll
+ 2006-03-23 20:30:22 . 2011-10-03 08:31:24 5971456 C:\Windows\system32\dllcache\mshtml.dll
+ 2007-06-27 14:09:16 . 2011-08-22 23:41:23 2000384 C:\Windows\system32\dllcache\iertutil.dll
+ 2011-11-24 14:41:49 . 2011-11-24 14:41:49 1123840 C:\Windows\Installer\aa6c1.msi
+ 2011-11-25 00:09:28 . 2009-03-08 03:34:56 1206784 C:\Windows\ie8updates\KB2586448-IE8\urlmon.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:41:16 5937152 C:\Windows\ie8updates\KB2586448-IE8\mshtml.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:32:22 1985024 C:\Windows\ie8updates\KB2586448-IE8\iertutil.dll
+ 2009-03-08 03:39:48 . 2011-08-23 16:41:24 11081728 C:\Windows\system32\ieframe.dll
+ 2007-06-27 14:09:15 . 2011-08-23 16:41:24 11081728 C:\Windows\system32\dllcache\ieframe.dll
+ 2011-11-25 00:09:28 . 2009-03-08 03:39:48 11063808 C:\Windows\ie8updates\KB2586448-IE8\ieframe.dll

-- Snímek resetován k současnému datu --

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49:38 176936 ----a-w- C:\Program Files\uTorrentBar\prxtbuTo2.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 11:58:52 495616]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 14:07:20 2260480]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 15:50:20 1289000]
"Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe" [2011-07-18 15:00:10 3077528]
"KiesPDLR"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-06-24 06:54:46 20880]
"Steam"="C:\Program Files\Steam\steam.exe" [2011-11-20 14:37:34 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 00:48:00 16208384]
"SkyTel"="SkyTel.EXE" [2006-05-16 02:04:26 2879488]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 20:00:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 20:00:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 20:00:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 20:00:00 455168]
"AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2006-08-11 15:14:28 110592]
"PCMService"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [2006-07-26 20:42:56 143360]
"SMail"="C:\Program Files\Seznam\Postak\Postak.exe" [BU]
"PC-Checkup"="C:\Program Files\Speeditup Free\PCCheckUp\PCCheckUp.exe" [BU]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 04:03:58 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 09:58:18 86960]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 05:42:51 36272]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [BU]
"Nikon Transfer Monitor"="C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 14:58:46 479232]
"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-06-27 09:25:10 500208]
"SwitchBoard"="C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [BU]
"AdobeCS5ServiceManager"="C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [BU]
"Nikon Message Center 2"="C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 17:16:16 619008]
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe" [2010-12-08 19:17:46 1226608]
"Free PDF Print Dispatcher"="C:\Program Files\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe" [2010-01-15 14:51:04 25600]
"Olympus ib"="C:\Program Files\Olympus\ib\olycamdetect.exe" [2011-03-11 14:17:30 93360]
"MDS_Menu"="C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2010-07-01 10:43:42 220336]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 13:57:24 153136]
"TkBellExe"="C:\program files\real\realplayer\update\realsched.exe" [2011-06-18 16:29:21 273544]
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 05:22:28 59240]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 11:06:06 254696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2011-11-12 23:24:58 421736]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2011-10-24 13:28:52 421888]
"NvMediaCenter"="NvMCTray.dll" [2011-10-08 04:50:00 203072]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2011-10-08 04:50:00 16744256]
"nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 04:50:00 1632360]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 06:52:18 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 745472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AtiExtEvent]
[BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[BU]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"C:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Documents and Settings\\Mike\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\Samsung\\Intelli-studio\\iStudio.exe"=
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\TmUnitedForever\\TmForever.exe"=
"C:\\Documents and Settings\\Mike\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"C:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite (Eval) 2012\\RpcAgentSrv.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite (Eval) 2012\\WNt500x86\\RpcSandraSrv.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"C:\\Program Files\\Steam\\Steam.exe"=
"C:\\Program Files\\Steam\\steamapps\\common\\might and magic clash of heroes\\ClashOfHeroes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"18285:TCP"= 18285:TCP:BitComet 18285 TCP
"18285:UDP"= 18285:UDP:BitComet 18285 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"58890:TCP"= 58890:TCP:Pando Media Booster
"58890:UDP"= 58890:UDP:Pando Media Booster

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [6.12.2005 16:11:18 35328]
R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [8.1.2007 22:21:55 715248]
R0 vax347b;vax347b;C:\WINDOWS\system32\drivers\vax347b.sys [10.2.2008 21:52:34 159616]
R0 vax347s;vax347s;C:\WINDOWS\system32\drivers\vax347s.sys [10.2.2008 21:52:34 5248]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [23.11.2011 2:35:37 17904]
R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [9.1.2007 23:13:55 12856]
R1 UsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\system32\drivers\UsbFltr.sys [9.1.2007 23:13:51 8576]
R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;C:\Program Files\Emsisoft Anti-Malware\a2service.exe [23.11.2011 2:35:36 2996784]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [12.12.2010 0:45:16 217088]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\WINDOWS\system32\nlssrv32.exe [21.2.2011 22:17:32 66560]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [20.11.2011 11:07:43 2253120]
R2 WinDefend;Windows Defender;C:\Program Files\Windows Defender\MsMpEng.exe [3.11.2006 19:19:58 13592]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [12.12.2010 0:45:16 36640]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16:28 753504]
S0 SMR210;Symantec SMR Utility Service 2.1.0;C:\Windows\system32\drivers\SMR210.SYS --> C:\Windows\system32\drivers\SMR210.SYS [?]
S2 Application Updater;Application Updater;"C:\Program Files\Application Updater\ApplicationUpdater.exe" --> C:\Program Files\Application Updater\ApplicationUpdater.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16:28 130384]
S2 gupdate;Služba Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2.3.2011 9:05:59 136176]
S2 PCSpeedUpService;PCSpeedUp Service;"C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe" --> C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe [?]
S3 cpuz130;cpuz130;\??\C:\DOCUME~1\Mike\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> C:\DOCUME~1\Mike\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys [16.3.2011 12:48:16 20032]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [2.3.2011 9:05:59 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\C:\Windows\system32\drivers\mbamswissarmy.sys --> C:\Windows\system32\drivers\mbamswissarmy.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\system32\GameMon.des -service --> C:\WINDOWS\system32\GameMon.des -service [?]
S3 pcouffin;VSO Software pcouffin;C:\WINDOWS\system32\drivers\pcouffin.sys [11.5.2007 8:57:21 47360]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);C:\WINDOWS\system32\drivers\s0016bus.sys [12.12.2010 20:13:31 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;C:\WINDOWS\system32\drivers\s0016mdfl.sys [12.12.2010 20:13:32 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;C:\WINDOWS\system32\drivers\s0016mdm.sys [12.12.2010 20:13:32 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\drivers\s0016mgmt.sys [12.12.2010 20:13:39 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);C:\WINDOWS\system32\drivers\s0016nd5.sys [12.12.2010 20:13:34 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;C:\WINDOWS\system32\drivers\s0016obex.sys [12.12.2010 20:13:36 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);C:\WINDOWS\system32\drivers\s0016unic.sys [12.12.2010 20:13:41 115752]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Eval) 2012\RpcAgentSrv.exe [19.11.2011 11:28:16 93848]
S3 SwitchBoard;SwitchBoard;"C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" --> C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [?]
S3 TrueSight;TrueSight;\??\c:\windows\system32\drivers\TrueSight.sys --> c:\windows\system32\drivers\TrueSight.sys [?]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - FSUSBEXDISK

Obsah adresáře 'Naplánované úlohy'

2011-11-22 C:\Windows\Tasks\AdobeAAMUpdater-1.0-ACER-64B9BF4930-Mike.job
- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-06-27 09:26:29 . 2010-06-27 09:25:10]

2011-11-18 C:\Windows\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57:16 . 2011-06-01 15:57:16]

2011-11-25 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-02 08:05:59 . 2010-10-13 22:19:04]

2011-11-24 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-02 08:05:59 . 2010-10-13 22:19:04]

2011-11-25 C:\Windows\Tasks\MP Scheduled Scan.job
- C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20:06 . 2006-11-03 18:20:06]

2011-11-25 C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1509661768-2596670817-2537616161-1006.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]

2011-11-25 C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1509661768-2596670817-2537616161-500.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]

2011-11-25 C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1509661768-2596670817-2537616161-1006.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]

2011-11-24 C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1509661768-2596670817-2537616161-500.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]


------- Doplňkový sken -------

uInternet Settings,ProxyOverride = ;*.local;<local>
TCP: DhcpNameServer = 192.168.1.1
DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} - hxxp://software.seznam.cz/listicka/toolbar.cab
FF - ProfilePath - C:\Documents and Settings\Mike\Data aplikací\Mozilla\Firefox\Profiles\bjzck3b9.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - user.js: extentions.y2layers.installId - b90a585a-9777-4b09-a3bc-32025a835298
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,BestVideoDownloader,

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{998A3C0C-8914-4D2A-AE36-BFA2E5AE6D5D} - (no file)
BHO-{B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
ShellExecuteHooks-{097F10A7-487F-4457-AB1F-827C59479A72} - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
Notify-!SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Stubborn malware in the system with many symptoms - please check

#11 Post by motji »

That log isn't complete :?:
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

W.Mia
Visitor
Posts: 42
Registered: 24 Nov 2011 08:29

Re: Stubborn malware in the system with many symptoms - please check

#12 Post by W.Mia »

motji wrote: That log isn't complete :?:
It is complete, I checked. The ComboFix.txt file doesn't contain anything more.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Stubborn malware in the system with many symptoms - please check

#13 Post by motji »

Try running it again in safe mode. :)

W.Mia
Visitor
Posts: 42
Registered: 24 Nov 2011 08:29

Re: Stubborn malware in the system with many symptoms - please check

#14 Post by W.Mia »

motji wrote: Try running it again in safe mode. :)
OK, the ComboFix script was run in safe mode. The scan ran, then came a restart (I let the PC restart into normal mode). A window popped up saying that the log was being prepared. Then it showed that it was almost done, that the window would close in a moment, and to wait for the log to be displayed. But then the computer restarted once more. And after the restart a message came up saying that the system had recovered from a serious error, with the usual question of whether or not to report it to Microsoft. (Is that all right?)

The log is here:

ComboFix 11-11-25.02 - Mike 27.11.2011 9:22:48.3.1 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2815.2473 [GMT 1:00]
Spuštěný z: C:\Documents and Settings\Mike\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Mike\Plocha\CFScript.txt

FILE ::
"C:\DOCUME~1\Mike\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys"
"C:\Windows\system32\drivers\aplqjx.sys"
"C:\WINDOWS\system32\drivers\ddvdseooc.sys"

ADS - Windows: deleted 0 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))



((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AMDMSRIO
-------\Legacy_KYDQBUVK
-------\Service_AMDMSRIO
-------\Service_ethpoiwr
-------\Service_kydqbuvk
-------\Service_wygtuxv


((((((((((((((((((((((((( Soubory vytvořené od 2011-10-27 do 2011-11-27 )))))))))))))))))))))))))))))))


2011-11-27 08:32:52 . 2011-11-27 08:32:52 56200 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{AB89C914-27CB-44F4-8090-19AD4255F1ED}\offreg.dll
2011-11-26 20:08:04 . 2011-11-26 20:08:05 -------- d-----w- C:\Program Files\SystemRequirementsLab
2011-11-25 20:56:41 . 2011-10-18 00:28:06 6668624 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{AB89C914-27CB-44F4-8090-19AD4255F1ED}\mpengine.dll
2011-11-24 14:43:58 . 2011-10-18 00:28:06 6668624 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-11-24 14:43:54 . 2011-05-24 17:14:10 222080 ------w- C:\Windows\system32\MpSigStub.exe
2011-11-24 14:41:45 . 2011-11-24 14:41:45 -------- d-----w- C:\Program Files\Windows Defender
2011-11-24 13:12:37 . 2011-11-24 13:12:37 -------- d-----w- C:\TDSSKiller_Quarantine
2011-11-24 11:07:29 . 2011-11-24 11:07:37 -------- dc-h--w- C:\Windows\ie8
2011-11-24 09:46:06 . 2011-11-24 09:46:06 -------- d-----w- C:\Windows\system32\drivers\NIS
2011-11-24 09:10:10 . 2011-11-24 09:15:39 -------- d-----w- C:\Documents and Settings\Mike\Local Settings\Data aplikací\NPE
2011-11-24 07:21:38 . 2011-11-24 07:27:34 -------- d-----w- C:\rsit
2011-11-24 07:21:38 . 2011-11-24 07:25:58 -------- d-----w- C:\Program Files\trend micro
2011-11-23 21:37:44 . 2011-11-23 21:37:44 -------- d-----w- C:\Windows\system32\drivers\NAV
2011-11-23 14:27:39 . 2011-11-23 14:27:39 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\PCSettings
2011-11-23 14:17:30 . 2011-11-24 11:10:38 -------- d-----w- C:\Documents and Settings\Administrator
2011-11-23 13:41:07 . 2011-11-23 13:41:07 -------- d-----w- C:\Program Files\Windows Sidebar
2011-11-23 11:33:11 . 2011-11-23 11:33:11 -------- d-----w- C:\Documents and Settings\Mike\Data aplikací\EurekaLog
2011-11-23 02:05:54 . 2011-11-23 02:05:54 -------- d-----w- C:\Documents and Settings\Mike\Data aplikací\Uniblue
2011-11-23 02:05:51 . 2011-11-24 15:07:35 -------- d-----w- C:\Program Files\Uniblue
2011-11-23 02:05:45 . 2011-11-23 02:05:45 -------- d-----w- C:\Documents and Settings\Mike\Local Settings\Data aplikací\PackageAware
2011-11-23 01:40:26 . 2011-11-23 01:40:26 -------- d-----w- C:\RRTVAULT
2011-11-23 01:35:35 . 2011-11-27 08:19:16 -------- d-----w- C:\Program Files\Emsisoft Anti-Malware
2011-11-21 20:19:30 . 2011-11-21 20:19:30 -------- d-----w- C:\Documents and Settings\Mike\Data aplikací\Malwarebytes
2011-11-21 20:19:27 . 2011-11-21 20:19:27 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-11-21 20:07:00 . 2011-11-21 20:07:00 -------- d-----w- C:\Documents and Settings\Mike\Data aplikací\QuickScan
2011-11-20 21:29:37 . 2011-11-20 21:29:53 -------- d-----w- C:\WeruFoto
2011-11-20 21:19:52 . 2011-11-20 21:20:06 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Media Get LLC
2011-11-20 14:37:04 . 2011-11-20 14:37:04 -------- d-----w- C:\Program Files\Common Files\Steam
2011-11-20 14:37:04 . 2011-11-20 14:37:04 -------- d-----w- C:\Documents and Settings\All Users\Nabdka Start
2011-11-20 14:37:01 . 2011-11-27 08:34:40 -------- d-----w- C:\Program Files\Steam
2011-11-20 10:43:25 . 2011-11-20 10:43:25 -------- d-----w- C:\Documents and Settings\Mike\Data aplikací\NVIDIA
2011-11-20 10:07:46 . 2011-11-20 10:07:48 -------- d-----w- C:\Documents and Settings\UpdatusUser
2011-11-20 10:07:25 . 2011-10-08 04:50:00 602432 ----a-w- C:\Windows\system32\easyupdatusapiu.dll
2011-11-20 10:07:13 . 2011-11-20 10:07:17 285176 ----a-w- C:\Windows\system32\nvdrsdb0.bin
2011-11-20 10:07:13 . 2011-11-20 10:07:17 1 ----a-w- C:\Windows\system32\nvdrssel.bin
2011-11-20 10:07:13 . 2011-11-20 10:07:13 285176 ----a-w- C:\Windows\system32\nvdrsdb1.bin
2011-11-20 10:05:55 . 2011-10-08 04:50:00 877376 ----a-w- C:\Windows\system32\nvgenco32.dll
2011-11-20 10:05:54 . 2011-10-08 04:50:00 919872 ----a-w- C:\Windows\system32\nvdispco32.dll
2011-11-20 09:54:32 . 2011-11-20 16:29:13 -------- d-----w- C:\ATI
2011-11-19 10:30:09 . 2010-06-02 03:55:30 74072 ----a-w- C:\Windows\system32\XAPOFX1_5.dll
2011-11-19 10:30:09 . 2010-06-02 03:55:30 527192 ----a-w- C:\Windows\system32\XAudio2_7.dll
2011-11-19 10:30:08 . 2010-06-02 03:55:30 239960 ----a-w- C:\Windows\system32\xactengine3_7.dll
2011-11-19 10:30:07 . 2010-05-26 10:41:02 2106216 ----a-w- C:\Windows\system32\D3DCompiler_43.dll
2011-11-19 10:30:07 . 2010-05-26 10:41:02 1868128 ----a-w- C:\Windows\system32\d3dcsx_43.dll
2011-11-19 10:30:06 . 2010-05-26 10:41:02 470880 ----a-w- C:\Windows\system32\d3dx10_43.dll
2011-11-19 10:30:06 . 2010-05-26 10:41:02 248672 ----a-w- C:\Windows\system32\d3dx11_43.dll
2011-11-19 10:30:05 . 2010-05-26 10:41:02 1998168 ----a-w- C:\Windows\system32\D3DX9_43.dll
2011-11-19 10:10:17 . 2011-11-19 10:10:17 0 ----a-w- C:\Documents and Settings\All Users\Data aplikací\xml65E.tmp
2011-11-19 10:10:11 . 2011-11-19 10:10:11 0 ----a-w- C:\Documents and Settings\All Users\Data aplikací\xml65D.tmp
2011-11-19 10:10:10 . 2011-11-19 10:10:11 13661 ----a-w- C:\Documents and Settings\All Users\Data aplikací\xml65C.tmp
2011-11-19 10:10:08 . 2011-11-19 10:10:10 7240 ----a-w- C:\Documents and Settings\All Users\Data aplikací\xml65B.tmp
2011-11-18 19:28:56 . 2011-11-18 19:28:56 -------- d-----w- C:\Program Files\iPod
2011-11-18 19:28:49 . 2011-11-18 19:30:25 -------- d-----w- C:\Program Files\iTunes
2011-11-02 21:37:33 . 2011-11-02 21:37:33 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\SUPERSetup
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-10-27 07:34:24 . 2010-06-19 18:17:06 57344 ----a-r- C:\Documents and Settings\Mike\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2011-10-27 07:29:12 . 2006-07-11 16:07:30 106496 ----a-w- C:\Windows\system32\ATL71.DLL
2011-10-24 13:29:02 . 2011-10-24 13:29:02 94208 ----a-w- C:\Windows\system32\QuickTimeVR.qtx
2011-10-24 13:29:02 . 2011-10-24 13:29:02 69632 ----a-w- C:\Windows\system32\QuickTime.qts
2011-10-10 14:22:49 . 2006-03-17 09:13:16 692736 ----a-w- C:\Windows\system32\inetcomm.dll
2011-10-08 21:48:57 . 2011-05-23 18:40:01 414368 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
2011-10-08 04:50:00 . 2010-04-03 20:55:32 65536 ----a-w- C:\Windows\system32\OpenCL.dll
2011-10-08 04:50:00 . 2010-04-03 20:55:32 5595136 ----a-w- C:\Windows\system32\nvcuda.dll
2011-10-08 04:50:00 . 2010-04-03 20:55:32 2398016 ----a-w- C:\Windows\system32\nvcuvid.dll
2011-10-08 04:50:00 . 2010-04-03 20:55:32 2099520 ----a-w- C:\Windows\system32\nvcuvenc.dll
2011-10-08 04:50:00 . 2010-04-03 20:55:32 17240064 ----a-w- C:\Windows\system32\nvcompiler.dll
2011-10-08 04:50:00 . 2010-04-03 17:23:16 298304 ----a-w- C:\Windows\system32\nvsvc32.exe
2011-10-08 04:50:00 . 2010-04-03 17:23:16 220992 ----a-w- C:\Windows\system32\nvcolor.exe
2011-10-08 04:50:00 . 2010-04-03 17:23:16 203072 ----a-w- C:\Windows\system32\nvmctray.dll
2011-10-08 04:50:00 . 2010-04-03 17:23:16 16744256 ----a-w- C:\Windows\system32\nvcpl.dll
2011-10-08 04:50:00 . 2010-04-03 17:22:54 54272 ----a-w- C:\Windows\system32\nvwddi.dll
2011-10-08 04:50:00 . 2006-07-11 22:19:00 4226688 ----a-w- C:\Windows\system32\nv4_disp.dll
2011-10-08 04:50:00 . 2006-07-11 22:19:00 2449408 ----a-w- C:\Windows\system32\nvapi.dll
2011-10-08 04:50:00 . 2006-07-11 22:19:00 17956864 ----a-w- C:\Windows\system32\nvoglnt.dll
2011-10-08 04:50:00 . 2006-07-11 22:19:00 12791488 ----a-w- C:\Windows\system32\drivers\nv4_mini.sys
2011-10-03 03:06:03 . 2010-05-21 08:44:41 472808 ----a-w- C:\Windows\system32\deployJava1.dll
2011-10-03 00:37:52 . 2010-10-25 17:20:23 73728 ----a-w- C:\Windows\system32\javacpl.cpl
2011-09-28 07:06:47 . 2004-08-18 20:00:00 602112 ----a-w- C:\Windows\system32\crypt32.dll
2011-09-26 09:41:42 . 2007-10-09 12:03:08 613376 ----a-w- C:\Windows\system32\uiautomationcore.dll
2011-09-26 09:41:42 . 2004-08-18 20:00:00 22528 ----a-w- C:\Windows\system32\oleaccrc.dll
2011-09-26 09:41:20 . 2004-08-18 20:00:00 220160 ----a-w- C:\Windows\system32\oleacc.dll
2011-09-23 17:15:36 . 2011-09-23 17:15:36 161280 ----a-w- C:\Windows\system32\fmod.dll
2011-09-23 17:15:35 . 2011-09-23 17:15:35 1008128 ----a-w- C:\Windows\system32\The Matrix Trilogy.scr
2011-09-06 14:10:02 . 2005-10-06 03:10:28 1858944 ----a-w- C:\Windows\system32\win32k.sys
2011-08-30 21:05:04 . 2011-08-30 21:05:04 83816 ----a-w- C:\Windows\system32\dns-sd.exe
2011-08-30 21:05:04 . 2011-08-30 21:05:04 73064 ----a-w- C:\Windows\system32\dnssd.dll
2011-08-30 21:05:04 . 2011-08-30 21:05:04 50536 ----a-w- C:\Windows\system32\jdns_sd.dll
2011-08-30 21:05:04 . 2011-08-30 21:05:04 178536 ----a-w- C:\Windows\system32\dnssdX.dll
2010-09-27 15:24:31 . 2010-09-27 15:24:50 774144 -c--a-w- C:\Program Files\RngInterstitial.dll
2011-11-09 08:30:43 . 2011-03-27 22:07:37 134104 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll
2011-04-13 18:16:16 39289424 --sh--w- C:\Windows\setupa.exe


------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.

[-] 2008-04-14 06:52:24 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\Windows\explorer.exe
[7] 2008-04-14 06:52:24 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\Windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 13:23:39 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] . . C:\Windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 13:11:59 . 9B32416BD5988C97B6397CE0B02CAF97 . 1033728 . . [6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)] . . C:\Windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

[-] 2008-04-14 06:52:44 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\Windows\regedit.exe
[7] 2008-04-14 06:52:44 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\Windows\ServicePackFiles\i386\regedit.exe
[7] 2004-08-18 20:00:00 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\Windows\$NtServicePackUninstall$\regedit.exe

((((((((((((((((((((((((((((( SnapShot_2011-11-25_22.00.04 )))))))))))))))))))))))))))))))))))))))))

+ 2011-11-27 08:33:09 . 2011-11-27 08:33:09 16384 C:\Windows\temp\Perflib_Perfdata_79c.dat
+ 2009-04-03 09:26:42 . 2009-04-03 09:26:42 354608 C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49:38 176936 ----a-w- C:\Program Files\uTorrentBar\prxtbuTo2.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 11:58:52 495616]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 14:07:20 2260480]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 15:50:20 1289000]
"Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe" [2011-07-18 15:00:10 3077528]
"KiesPDLR"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-06-24 06:54:46 20880]
"Steam"="C:\Program Files\Steam\steam.exe" [2011-11-20 14:37:34 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 00:48:00 16208384]
"SkyTel"="SkyTel.EXE" [2006-05-16 02:04:26 2879488]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 20:00:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 20:00:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 20:00:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 20:00:00 455168]
"AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2006-08-11 15:14:28 110592]
"PCMService"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [2006-07-26 20:42:56 143360]
"SMail"="C:\Program Files\Seznam\Postak\Postak.exe" [BU]
"PC-Checkup"="C:\Program Files\Speeditup Free\PCCheckUp\PCCheckUp.exe" [BU]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 04:03:58 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 09:58:18 86960]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 05:42:51 36272]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [BU]
"Nikon Transfer Monitor"="C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 14:58:46 479232]
"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-06-27 09:25:10 500208]
"SwitchBoard"="C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [BU]
"AdobeCS5ServiceManager"="C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [BU]
"Nikon Message Center 2"="C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 17:16:16 619008]
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe" [2010-12-08 19:17:46 1226608]
"Free PDF Print Dispatcher"="C:\Program Files\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe" [2010-01-15 14:51:04 25600]
"Olympus ib"="C:\Program Files\Olympus\ib\olycamdetect.exe" [2011-03-11 14:17:30 93360]
"MDS_Menu"="C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2010-07-01 10:43:42 220336]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 13:57:24 153136]
"TkBellExe"="C:\program files\real\realplayer\update\realsched.exe" [2011-06-18 16:29:21 273544]
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 05:22:28 59240]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 11:06:06 254696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2011-11-12 23:24:58 421736]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2011-10-24 13:28:52 421888]
"NvMediaCenter"="NvMCTray.dll" [2011-10-08 04:50:00 203072]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2011-10-08 04:50:00 16744256]
"nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 04:50:00 1632360]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 06:52:18 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 745472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AtiExtEvent]
[BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[BU]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"C:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Documents and Settings\\Mike\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\Samsung\\Intelli-studio\\iStudio.exe"=
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\TmUnitedForever\\TmForever.exe"=
"C:\\Documents and Settings\\Mike\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"C:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite (Eval) 2012\\RpcAgentSrv.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite (Eval) 2012\\WNt500x86\\RpcSandraSrv.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"C:\\Program Files\\Steam\\Steam.exe"=
"C:\\Program Files\\Steam\\steamapps\\common\\might and magic clash of heroes\\ClashOfHeroes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"18285:TCP"= 18285:TCP:BitComet 18285 TCP
"18285:UDP"= 18285:UDP:BitComet 18285 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"58890:TCP"= 58890:TCP:Pando Media Booster
"58890:UDP"= 58890:UDP:Pando Media Booster

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [6.12.2005 16:11:18 35328]
R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [8.1.2007 22:21:55 715248]
R0 vax347b;vax347b;C:\WINDOWS\system32\drivers\vax347b.sys [10.2.2008 21:52:34 159616]
R0 vax347s;vax347s;C:\WINDOWS\system32\drivers\vax347s.sys [10.2.2008 21:52:34 5248]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [23.11.2011 2:35:37 17904]
R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [9.1.2007 23:13:55 12856]
R1 UsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\system32\drivers\UsbFltr.sys [9.1.2007 23:13:51 8576]
R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;C:\Program Files\Emsisoft Anti-Malware\a2service.exe [23.11.2011 2:35:36 2996784]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [12.12.2010 0:45:16 217088]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\WINDOWS\system32\nlssrv32.exe [21.2.2011 22:17:32 66560]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [20.11.2011 11:07:43 2253120]
R2 WinDefend;Windows Defender;C:\Program Files\Windows Defender\MsMpEng.exe [3.11.2006 19:19:58 13592]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [12.12.2010 0:45:16 36640]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16:28 753504]
S0 SMR210;Symantec SMR Utility Service 2.1.0;C:\Windows\system32\drivers\SMR210.SYS --> C:\Windows\system32\drivers\SMR210.SYS [?]
S2 Application Updater;Application Updater;"C:\Program Files\Application Updater\ApplicationUpdater.exe" --> C:\Program Files\Application Updater\ApplicationUpdater.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16:28 130384]
S2 gupdate;Služba Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2.3.2011 9:05:59 136176]
S2 PCSpeedUpService;PCSpeedUp Service;"C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe" --> C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe [?]
S3 cpuz130;cpuz130;\??\C:\DOCUME~1\Mike\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> C:\DOCUME~1\Mike\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys [16.3.2011 12:48:16 20032]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [2.3.2011 9:05:59 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\C:\Windows\system32\drivers\mbamswissarmy.sys --> C:\Windows\system32\drivers\mbamswissarmy.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\system32\GameMon.des -service --> C:\WINDOWS\system32\GameMon.des -service [?]
S3 pcouffin;VSO Software pcouffin;C:\WINDOWS\system32\drivers\pcouffin.sys [11.5.2007 8:57:21 47360]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);C:\WINDOWS\system32\drivers\s0016bus.sys [12.12.2010 20:13:31 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;C:\WINDOWS\system32\drivers\s0016mdfl.sys [12.12.2010 20:13:32 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;C:\WINDOWS\system32\drivers\s0016mdm.sys [12.12.2010 20:13:32 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\drivers\s0016mgmt.sys [12.12.2010 20:13:39 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);C:\WINDOWS\system32\drivers\s0016nd5.sys [12.12.2010 20:13:34 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;C:\WINDOWS\system32\drivers\s0016obex.sys [12.12.2010 20:13:36 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);C:\WINDOWS\system32\drivers\s0016unic.sys [12.12.2010 20:13:41 115752]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Eval) 2012\RpcAgentSrv.exe [19.11.2011 11:28:16 93848]
S3 SwitchBoard;SwitchBoard;"C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" --> C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [?]
S3 TrueSight;TrueSight;\??\c:\windows\system32\drivers\TrueSight.sys --> c:\windows\system32\drivers\TrueSight.sys [?]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - FSUSBEXDISK

Obsah adresáře 'Naplánované úlohy'

2011-11-22 C:\Windows\Tasks\AdobeAAMUpdater-1.0-ACER-64B9BF4930-Mike.job
- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-06-27 09:26:29 . 2010-06-27 09:25:10]

2011-11-18 C:\Windows\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57:16 . 2011-06-01 15:57:16]

2011-11-27 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-02 08:05:59 . 2010-10-13 22:19:04]

2011-11-26 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-02 08:05:59 . 2010-10-13 22:19:04]

2011-11-27 C:\Windows\Tasks\MP Scheduled Scan.job
- C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20:06 . 2006-11-03 18:20:06]

2011-11-27 C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1509661768-2596670817-2537616161-1006.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]

2011-11-27 C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1509661768-2596670817-2537616161-500.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]

2011-11-27 C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1509661768-2596670817-2537616161-1006.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]

2011-11-24 C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1509661768-2596670817-2537616161-500.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47:46 . 2011-03-29 08:47:46]


------- Doplňkový sken -------

uInternet Settings,ProxyOverride = ;*.local;<local>
TCP: DhcpNameServer = 192.168.1.1
DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} - hxxp://software.seznam.cz/listicka/toolbar.cab
FF - ProfilePath - C:\Documents and Settings\Mike\Data aplikací\Mozilla\Firefox\Profiles\bjzck3b9.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - user.js: extentions.y2layers.installId - b90a585a-9777-4b09-a3bc-32025a835298
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,BestVideoDownloader,

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{998A3C0C-8914-4D2A-AE36-BFA2E5AE6D5D} - (no file)
BHO-{B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
ShellExecuteHooks-{097F10A7-487F-4457-AB1F-827C59479A72} - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Stubborn malware in the system with many symptoms - please check

#15 Post by motji »

And how does the PC look now?