
PC virus removal, computer speed-up, remote help via the neslape.cz service
Please check the log, thank you
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please check the log, thank you
Logfile of random's system information tool 1.09 (written by random/random)
Run by Bary at 2012-01-27 12:20:45
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 34 GB (14%) free of 250 GB
Total RAM: 3037 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:20:56, on 27.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\F-Secure\fshoster32.exe
C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\F-Secure\apps\ComputerSecurity\Gadget\fsgadget.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Bary\Downloads\RSIT.exe
C:\Program Files\trend micro\Bary.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/dvdstyler/{8A ... 444AAFEAF5}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Updater For Spam Free Search Bar - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files\blekkotb\auxi\blekkoAu.dll
O2 - BHO: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files\blekkotb\blekkoDx.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)
O3 - Toolbar: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files\blekkotb\blekkoDx.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [F-Secure Hoster] "C:\Program Files\F-Secure\fshoster32.exe" -app -hosterid:1
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash
O4 - HKCU\..\Run: [Google Update] "C:\Users\Bary\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [NokiaPCInternetAccess] "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files\F-Secure\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\apps\CCF_Reputation\fsorsp.exe
O23 - Service: GJNYKIOIR - Sysinternals - www.sysinternals.com - C:\Users\Bary\AppData\Local\Temp\GJNYKIOIR.exe
O23 - Service: MXCDA - Sysinternals - www.sysinternals.com - C:\Users\Bary\AppData\Local\Temp\MXCDA.exe
O23 - Service: OVFIFL - Sysinternals - www.sysinternals.com - C:\Users\Bary\AppData\Local\Temp\OVFIFL.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TONAZ - Sysinternals - www.sysinternals.com - C:\Users\Bary\AppData\Local\Temp\TONAZ.exe
O23 - Service: TVOKOOYB - Sysinternals - www.sysinternals.com - C:\Users\Bary\AppData\Local\Temp\TVOKOOYB.exe
O23 - Service: Securom User Access for Windows 2000 and Windows XP a technology by Sony DADC (UserAccess) - Unknown owner - C:\Program Files\Common Files\YDP\UserAccessManager\useraccess.exe
--
End of file - 10373 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000UA.job
C:\Windows\tasks\Norton Security Scan for Bary.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2, bkmrksync@nokia.com:1.0.0.732, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, vshare@toolbar:1.0.2, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"fe_5.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_5.0
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
blekkotb.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default\extensions\
engine@conduit.com
maps@ovi.com
toolbar@ask.com
vshare@toolbar
{00f12770-e60e-4dc6-9105-425bface7c73}
{75656794-AB59-4712-BFBC-5D816D56F3BC}
{800b5000-a755-47e1-992b-48a1c1357f07}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
search.xml
web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
Updater For Spam Free Search Bar - C:\Program Files\blekkotb\auxi\blekkoAu.dll [2011-12-22 262312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
Spam Free Search Bar - C:\Program Files\blekkotb\blekkoDx.dll [2011-12-22 86696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{338B4DFE-2E2C-4338-9E41-E176D497299E}
{26c9e18c-3717-4be1-a225-04e4471f5b6e} - Spam Free Search Bar - C:\Program Files\blekkotb\blekkoDx.dll [2011-12-22 86696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-07 98304]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-01-11 1230704]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2011-12-21 206504]
"F-Secure Hoster"=C:\Program Files\F-Secure\fshoster32.exe [2011-10-04 156328]
"F-Secure Manager"=C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [2011-10-04 311976]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Bary\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-03 136176]
"Polar Sync"= []
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]
"NokiaPCInternetAccess"=C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [2009-09-17 663552]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\Bary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mjpg"=pvmjpg30.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.FMVC"=fmcodec.dll
"msacm.siren"=sirenacm.dll
"msacm.l3codecp"=l3codecp.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-01-27 12:20:45 ----D---- C:\rsit
2012-01-26 21:04:37 ----A---- C:\Windows\system32\drivers\fsbts.sys
2012-01-26 21:04:19 ----A---- C:\Windows\system32\drivers\fses.sys
2012-01-26 21:04:18 ----A---- C:\Windows\prodsett_copy.ini
2012-01-26 21:04:17 ----A---- C:\Windows\system32\drivers\fsdfw.sys
2012-01-26 21:01:34 ----D---- C:\ProgramData\fssg
2012-01-26 21:00:48 ----D---- C:\Program Files\F-Secure
2012-01-26 21:00:08 ----D---- C:\ProgramData\F-Secure
2012-01-22 17:01:17 ----D---- C:\Program Files\Xilisoft
2012-01-19 12:19:43 ----D---- C:\Windows\WinAVI Video Converter 9.0
2012-01-19 12:19:43 ----D---- C:\Program Files\WinAVI Video Converter 9.0
2012-01-19 12:08:55 ----D---- C:\Program Files\WinRAR
2012-01-19 10:03:47 ----D---- C:\Program Files\Xvid
2012-01-19 10:03:47 ----A---- C:\Windows\system32\xvidvfw.dll
2012-01-19 10:03:47 ----A---- C:\Windows\system32\xvidcore.dll
2012-01-19 10:03:31 ----A---- C:\Windows\system32\ff_vfw.dll
2012-01-19 10:03:30 ----D---- C:\Program Files\ffdshow
2012-01-19 10:03:12 ----D---- C:\Program Files\Haali
2012-01-19 10:02:32 ----D---- C:\Program Files\AviSynth 2.5
2012-01-19 10:01:49 ----D---- C:\Program Files\Avi2Dvd
2012-01-19 09:56:57 ----A---- C:\Windows\system32\ssubtmr6.dll
2012-01-11 20:08:02 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 20:08:01 ----A---- C:\Windows\system32\packager.dll
2012-01-11 20:08:00 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 20:07:59 ----A---- C:\Windows\system32\qdvd.dll
2012-01-04 17:30:26 ----D---- C:\ProgramData\Anti-phishing Domain Advisor
2012-01-04 17:30:15 ----D---- C:\Program Files\blekkotb
2012-01-04 09:31:15 ----D---- C:\Users\Bary\AppData\Roaming\Serif
2012-01-03 13:12:25 ----D---- C:\Program Files\DsNET Corp
======List of files/folders modified in the last 1 month======
2060-08-18 19:02:22 ----N---- C:\Windows\system32\Cc3250mt.dll
2060-08-18 18:40:44 ----N---- C:\Windows\system32\Cp3245mt.dll
2060-08-18 18:40:44 ----N---- C:\Windows\system32\Borlndmm.dll
2012-01-27 12:20:56 ----D---- C:\Windows\Prefetch
2012-01-27 12:20:54 ----D---- C:\Windows\Temp
2012-01-27 12:20:51 ----D---- C:\Program Files\trend micro
2012-01-27 11:15:11 ----D---- C:\Windows\system32\config
2012-01-27 11:09:10 ----SHD---- C:\System Volume Information
2012-01-27 10:32:50 ----D---- C:\Program Files
2012-01-27 10:32:09 ----SHD---- C:\Windows\Installer
2012-01-27 10:32:08 ----SHD---- C:\Config.Msi
2012-01-27 10:32:04 ----D---- C:\Program Files\Google
2012-01-27 10:29:59 ----D---- C:\Windows\system32\Tasks
2012-01-27 10:00:16 ----D---- C:\Windows
2012-01-27 10:00:15 ----D---- C:\Program Files\Mozilla Firefox
2012-01-27 09:20:19 ----D---- C:\Windows\System32
2012-01-27 08:52:15 ----D---- C:\Windows\system32\drivers
2012-01-27 08:46:02 ----D---- C:\Windows\inf
2012-01-27 08:40:31 ----D---- C:\Users\Bary\AppData\Roaming\Skype
2012-01-26 21:04:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-26 21:02:41 ----HD---- C:\Windows\system32\GroupPolicy
2012-01-26 21:01:34 ----HD---- C:\ProgramData
2012-01-26 21:00:59 ----D---- C:\Windows\winsxs
2012-01-22 16:56:34 ----D---- C:\Windows\system32\catroot2
2012-01-22 16:56:34 ----D---- C:\Windows\system32\catroot
2012-01-19 12:25:18 ----D---- C:\Users\Bary\AppData\Roaming\Vso
2012-01-19 12:25:18 ----A---- C:\Users\Bary\AppData\Roaming\inst.exe
2012-01-19 12:05:17 ----D---- C:\Windows\system32\DriverStore
2012-01-12 18:05:19 ----D---- C:\Windows\debug
2012-01-11 22:37:43 ----D---- C:\Windows\Microsoft.NET
2012-01-11 22:37:27 ----RSD---- C:\Windows\assembly
2012-01-11 22:33:05 ----A---- C:\Windows\system32\MRT.exe
2012-01-11 22:32:55 ----D---- C:\Windows\ehome
2012-01-05 18:05:39 ----SD---- C:\Users\Bary\AppData\Roaming\Microsoft
2012-01-04 09:50:52 ----D---- C:\ProgramData\Installations
2012-01-04 09:49:30 ----D---- C:\Program Files\Common Files
2012-01-04 09:31:04 ----RSD---- C:\Windows\Fonts
2012-01-04 09:30:45 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-03 10:48:01 ----D---- C:\Users\Bary\AppData\Roaming\DAEMON Tools Lite
2012-01-03 10:47:08 ----D---- C:\Windows\Panther
2012-01-03 10:47:08 ----D---- C:\Windows\ModemLogs
2012-01-03 10:47:08 ----D---- C:\Windows\Minidump
2012-01-03 10:47:08 ----D---- C:\Windows\Logs
2012-01-01 22:29:36 ----SD---- C:\ProgramData\Microsoft
2012-01-01 22:29:36 ----D---- C:\Program Files\Microsoft
2012-01-01 22:27:47 ----D---- C:\Windows\system32\Macromed
2012-01-01 22:19:40 ----D---- C:\Program Files\EA SPORTS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2012-01-26 42672]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-11 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2012-01-26 73192]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2011-10-04 37928]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2011-10-04 72872]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2011-10-04 14504]
R1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys [2002-03-19 14165]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-08 4994048]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2012-01-26 148632]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-03-03 48640]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2004-12-03 20544]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys []
S1 MpKsl13ece6e7;MpKsl13ece6e7; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{00CCDCAF-7164-4021-B773-910746B08311}\MpKsl13ece6e7.sys []
S1 MpKsl1c1a23cc;MpKsl1c1a23cc; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7150FB3C-DE07-4B24-8AB9-16D0453D5853}\MpKsl1c1a23cc.sys []
S1 MpKsl1d733eac;MpKsl1d733eac; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{944C9B16-29D3-4AAF-AF87-C3AAC6B4EB38}\MpKsl1d733eac.sys []
S1 MpKsl25f4e036;MpKsl25f4e036; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{022257E2-A9E4-4AF7-A563-EDC8A9EC7978}\MpKsl25f4e036.sys []
S1 MpKsl2f363a1f;MpKsl2f363a1f; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{34AFDA13-433D-4E65-AC73-19CC7CF9D19C}\MpKsl2f363a1f.sys []
S1 MpKsl3132231f;MpKsl3132231f; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{34AFDA13-433D-4E65-AC73-19CC7CF9D19C}\MpKsl3132231f.sys []
S1 MpKsl32b32ac0;MpKsl32b32ac0; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2DFEA8A1-77CE-498C-8550-C734C95565C1}\MpKsl32b32ac0.sys []
S1 MpKsl32e53249;MpKsl32e53249; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{34AFDA13-433D-4E65-AC73-19CC7CF9D19C}\MpKsl32e53249.sys []
S1 MpKsl4f4770fa;MpKsl4f4770fa; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DBC7B705-D0EB-4350-AFDF-AA374D6A8358}\MpKsl4f4770fa.sys []
S1 MpKsl5ad98acd;MpKsl5ad98acd; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F6F158D2-2F64-4FDB-AD77-94DEEC2E30FC}\MpKsl5ad98acd.sys []
S1 MpKsl9ea3d989;MpKsl9ea3d989; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A3CECA5F-50FB-4785-9A25-CD59F69D0615}\MpKsl9ea3d989.sys []
S1 MpKslaf34cc94;MpKslaf34cc94; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A3CECA5F-50FB-4785-9A25-CD59F69D0615}\MpKslaf34cc94.sys []
S1 MpKslbf733915;MpKslbf733915; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CE562FD9-4829-4859-A1CD-FA1421BB749E}\MpKslbf733915.sys []
S1 MpKsle4de4ba5;MpKsle4de4ba5; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AF4AFEE3-E682-406B-BB24-610F22D4750D}\MpKsle4de4ba5.sys []
S1 MpKslf67958e7;MpKslf67958e7; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FD4A4CCA-D621-4B77-A912-BC7B4C683F7C}\MpKslf67958e7.sys []
S1 MpKslff9d0e46;MpKslff9d0e46; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C078E01-C652-45B6-935E-730B44B6D638}\MpKslff9d0e46.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-04-29 25280]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MosIrUsb;MosIrUsb.sys; C:\Windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 22016]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-01-19 47360]
S3 PnkBstrK;PnkBstrK; \??\C:\Windows\system32\drivers\PnkBstrK.sys [2011-03-18 137464]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 stusb2ir;USB 2.0 IrDA Bridge; C:\Windows\system32\DRIVERS\stusb2ir.sys [2008-01-19 41728]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-08 176128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe [2011-10-04 221864]
R2 fshoster;F-Secure Dll Hoster; C:\Program Files\F-Secure\fshoster32.exe [2011-10-04 156328]
R2 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\apps\CCF_Reputation\fsorsp.exe [2011-10-05 61112]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2010-02-19 186760]
R2 UserAccess;Securom User Access for Windows 2000 and Windows XP a technology by Sony DADC; C:\Program Files\Common Files\YDP\UserAccessManager\useraccess.exe [2001-12-21 53248]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe [2011-10-04 557736]
R3 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [2011-10-04 213672]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-03-06 75064]
S2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2011-03-18 214520]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 GJNYKIOIR;GJNYKIOIR; C:\Users\Bary\AppData\Local\Temp\GJNYKIOIR.exe [2012-01-27 584576]
S3 MXCDA;MXCDA; C:\Users\Bary\AppData\Local\Temp\MXCDA.exe [2012-01-27 478080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 OVFIFL;OVFIFL; C:\Users\Bary\AppData\Local\Temp\OVFIFL.exe [2012-01-27 457600]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TONAZ;TONAZ; C:\Users\Bary\AppData\Local\Temp\TONAZ.exe [2012-01-27 514944]
S3 TVOKOOYB;TVOKOOYB; C:\Users\Bary\AppData\Local\Temp\TVOKOOYB.exe [2012-01-27 371584]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-04-05 1343400]
-----------------EOF-----------------
S1 MpKsl3132231f;MpKsl3132231f; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{34AFDA13-433D-4E65-AC73-19CC7CF9D19C}\MpKsl3132231f.sys []
S1 MpKsl32b32ac0;MpKsl32b32ac0; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2DFEA8A1-77CE-498C-8550-C734C95565C1}\MpKsl32b32ac0.sys []
S1 MpKsl32e53249;MpKsl32e53249; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{34AFDA13-433D-4E65-AC73-19CC7CF9D19C}\MpKsl32e53249.sys []
S1 MpKsl4f4770fa;MpKsl4f4770fa; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DBC7B705-D0EB-4350-AFDF-AA374D6A8358}\MpKsl4f4770fa.sys []
S1 MpKsl5ad98acd;MpKsl5ad98acd; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F6F158D2-2F64-4FDB-AD77-94DEEC2E30FC}\MpKsl5ad98acd.sys []
S1 MpKsl9ea3d989;MpKsl9ea3d989; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A3CECA5F-50FB-4785-9A25-CD59F69D0615}\MpKsl9ea3d989.sys []
S1 MpKslaf34cc94;MpKslaf34cc94; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A3CECA5F-50FB-4785-9A25-CD59F69D0615}\MpKslaf34cc94.sys []
S1 MpKslbf733915;MpKslbf733915; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CE562FD9-4829-4859-A1CD-FA1421BB749E}\MpKslbf733915.sys []
S1 MpKsle4de4ba5;MpKsle4de4ba5; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AF4AFEE3-E682-406B-BB24-610F22D4750D}\MpKsle4de4ba5.sys []
S1 MpKslf67958e7;MpKslf67958e7; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FD4A4CCA-D621-4B77-A912-BC7B4C683F7C}\MpKslf67958e7.sys []
S1 MpKslff9d0e46;MpKslff9d0e46; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C078E01-C652-45B6-935E-730B44B6D638}\MpKslff9d0e46.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-04-29 25280]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MosIrUsb;MosIrUsb.sys; C:\Windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 22016]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-01-19 47360]
S3 PnkBstrK;PnkBstrK; \??\C:\Windows\system32\drivers\PnkBstrK.sys [2011-03-18 137464]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 stusb2ir;USB 2.0 IrDA Bridge; C:\Windows\system32\DRIVERS\stusb2ir.sys [2008-01-19 41728]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-08 176128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe [2011-10-04 221864]
R2 fshoster;F-Secure Dll Hoster; C:\Program Files\F-Secure\fshoster32.exe [2011-10-04 156328]
R2 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\apps\CCF_Reputation\fsorsp.exe [2011-10-05 61112]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2010-02-19 186760]
R2 UserAccess;Securom User Access for Windows 2000 and Windows XP a technology by Sony DADC; C:\Program Files\Common Files\YDP\UserAccessManager\useraccess.exe [2001-12-21 53248]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe [2011-10-04 557736]
R3 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [2011-10-04 213672]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-03-06 75064]
S2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2011-03-18 214520]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 GJNYKIOIR;GJNYKIOIR; C:\Users\Bary\AppData\Local\Temp\GJNYKIOIR.exe [2012-01-27 584576]
S3 MXCDA;MXCDA; C:\Users\Bary\AppData\Local\Temp\MXCDA.exe [2012-01-27 478080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 OVFIFL;OVFIFL; C:\Users\Bary\AppData\Local\Temp\OVFIFL.exe [2012-01-27 457600]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TONAZ;TONAZ; C:\Users\Bary\AppData\Local\Temp\TONAZ.exe [2012-01-27 514944]
S3 TVOKOOYB;TVOKOOYB; C:\Users\Bary\AppData\Local\Temp\TVOKOOYB.exe [2012-01-27 371584]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-04-05 1343400]
-----------------EOF-----------------
Re: Please check my log, thank you
Hello, and have a nice day.
Is this a home PC, or a work/company one?
Re: Please check my log, thank you
Hello!
It is a home notebook.
Re: Please check my log, thank you

- Close all programs
- If you use Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator ("Spustit jako správce" on Czech Windows)
- Select the Scan option
- When the scan finishes, click Report; a log will open, paste it here
Re: Please check my log, thank you
RogueKiller V7.0.0 [01/26/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: Bary [Admin rights]
Mode: Scan -- Date : 01/27/2012 17:43:20
¤¤¤ Bad processes: 2 ¤¤¤
[SUSP PATH] visicom_antiphishing.dll -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.dll -> UNLOADED
[SUSP PATH] visicom_antiphishing.exe -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe -> KILLED [TermProc]
¤¤¤ Registry Entries: 4 ¤¤¤
[SUSP PATH] HKLM\[...]\Run : Anti-phishing Domain Advisor ("C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe") -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 5a50fd56acfed2cc448e9f111ef12c3a
[BSP] dfbcb5d0fa5c15d5c1f89d7081d0680d : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 104 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 206848 | Size: 262144 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 512206848 | Size: 237856 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Re: Please check my log, thank you

- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
- Click Choose file
- Do not browse for the file, just paste in the path of the file I want tested
- Click Scan It
- If a screen like the one below pops up, click ReAnalyse
- Paste the analysis result here (as a link)

- Save it, preferably to the desktop
- If you use Windows Vista or Windows 7, right-click MBRScan and choose Run As Administrator ("Spustit jako správce" on Czech Windows)
- Click Report
- After a moment the log is written to the file MBRScan.txt; paste it here
Re: Please check my log, thank you
https://www.virustotal.com/file/5b7f03c ... 327735818/
MBRScan v1.0.7
OS : Windows 7 Service Pack 1 (32 bit)
PROCESSOR : x86 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT : Normal Boot
DATE : 2012/01/28 (ISO 8601) at 08:39:43
________________________________________________________________________________
DISK : Device\Harddisk0\DR0 __WDC WD5000BEVT-22ZAT0 (01.01A01)
BUS_TYPE : (0x0B) S-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
Device\Harddisk0\DR0 465.8 Go [Fixed] ==> 7 MBR Code
MBR_MD5 : 5A50FD56ACFED2CC448E9F111EF12C3A
MBR_SHA1 : D85BCDC51340DFB8BE6F480487B2B3C8B5ADA5DB
Device\Harddisk0\Partition1 100.0 Mo 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 244.1 Go 0x07 NTFS / HPFS
Device\Harddisk0\Partition3 221.5 Go 0x07 NTFS / HPFS
________________________________________________________________________________
_______MBR \Device\Harddisk0\DR0
Re: Please check my log, thank you
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE THINGS AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
- If you have Windows XP, run it under the Administrator account
- If you have Windows Vista or Windows 7, right-click ComboFix and choose Run As Administrator ("Spustit jako správce" on Czech Windows)
- Right after it starts, a page with the license agreement is shown; continue by clicking Yes ("Ano")
- If CF offers to install the Recovery Console, agree
- Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
- The scan should take about 10 minutes, but if the PC is heavily cluttered, it may take longer
- After the scan and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
- A detailed walkthrough including screenshots is here: http://www.bleepingcomputer.com/combofi ... t-combofix
Re: Please check my log, thank you
ComboFix 12-01-29.01 - Bary 29.01.2012 10:50:24.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3037.1845 [GMT 1:00]
Spuštěný z: c:\users\Bary\Downloads\ComboFix.exe
AV: Anti-Virus *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Anti-Virus *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\AMMYY
c:\programdata\AMMYY\hr
c:\programdata\AMMYY\settings.bin
c:\users\Bary\AppData\Local\TempDIR
c:\users\Bary\AppData\Local\TempDIR\BetterInstaller.exe
c:\users\Bary\AppData\Local\Windows Server
c:\users\Bary\AppData\Local\Windows Server\flags.ini
c:\users\Bary\AppData\Local\Windows Server\uses32.dat
c:\users\Bary\AppData\Roaming\inst.exe
c:\users\Bary\AppData\Roaming\Local
c:\users\Bary\AppData\Roaming\Local\Temp\DDM\Settings\.ddr
c:\users\Bary\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Bary\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_NEW.divx.ddr
c:\users\Bary\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Bary\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
c:\users\Bary\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Inception_Trailer_NEW.divx
c:\users\Bary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato
c:\users\Bary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk
c:\users\Bary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk
c:\users\Bary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk
c:\users\Bary\AppData\Roaming\vso_ts_preview.xml
c:\windows\system32\SETFA94.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-28 do 2012-01-29 )))))))))))))))))))))))))))))))
.
.
2012-01-29 09:57 . 2012-01-29 09:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-27 11:20 . 2012-01-27 11:20 -------- d-----w- C:\rsit
2012-01-26 20:04 . 2012-01-26 20:04 42672 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-01-26 20:04 . 2011-10-04 16:00 37928 ----a-w- c:\windows\system32\drivers\fses.sys
2012-01-26 20:04 . 2011-10-04 16:00 72872 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2012-01-26 20:01 . 2012-01-26 20:01 -------- d-----w- c:\programdata\fssg
2012-01-26 20:00 . 2012-01-26 20:00 -------- d-----w- c:\program files\F-Secure
2012-01-26 20:00 . 2012-01-26 20:04 -------- d-----w- c:\programdata\F-Secure
2012-01-22 16:01 . 2012-01-22 16:01 -------- d-----w- c:\program files\Xilisoft
2012-01-19 11:20 . 2012-01-22 14:26 -------- d-----w- c:\users\Bary\AppData\Local\WinAVI
2012-01-19 11:19 . 2012-01-19 11:19 -------- d-----w- c:\program files\WinAVI Video Converter 9.0
2012-01-19 11:19 . 2012-01-19 11:19 -------- d-----w- c:\windows\WinAVI Video Converter 9.0
2012-01-19 09:03 . 2012-01-19 09:03 -------- d-----w- c:\program files\Xvid
2012-01-19 09:03 . 2009-06-07 15:25 77824 ----a-w- c:\windows\system32\xvid.ax
2012-01-19 09:03 . 2009-06-07 15:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2012-01-19 09:03 . 2009-06-07 15:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
2012-01-19 09:03 . 2010-03-02 23:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2012-01-19 09:03 . 2012-01-19 09:03 -------- d-----w- c:\program files\ffdshow
2012-01-19 09:03 . 2012-01-19 09:03 -------- d-----w- c:\program files\Haali
2012-01-19 09:02 . 2012-01-19 09:11 -------- d-----w- c:\program files\AviSynth 2.5
2012-01-19 09:01 . 2012-01-19 09:11 -------- d-----w- c:\program files\Avi2Dvd
2012-01-19 08:56 . 2007-08-31 17:36 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2012-01-19 08:56 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2012-01-19 08:39 . 2012-01-19 08:39 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-19 08:39 . 2012-01-19 08:39 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-19 08:39 . 2012-01-19 08:39 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-19 08:39 . 2012-01-19 08:39 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-19 08:22 . 2012-01-19 08:22 -------- d-----w- c:\users\Bary\.thumb
2012-01-11 19:08 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 19:08 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 19:08 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 19:07 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-04 16:30 . 2012-01-04 16:30 -------- d-----w- c:\users\Bary\AppData\Local\blekkotb
2012-01-04 16:30 . 2012-01-29 09:59 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-01-04 16:30 . 2012-01-04 16:30 -------- d-----w- c:\program files\blekkotb
2012-01-04 09:17 . 2012-01-04 09:17 -------- d-----w- c:\users\Bary\AppData\Local\Apps
2012-01-04 09:17 . 2012-01-04 19:27 -------- d-----w- c:\users\Bary\AppData\Local\Deployment
2012-01-04 08:39 . 2012-01-27 09:32 -------- d-----w- c:\users\Bary\AppData\Local\Conduit
2012-01-04 08:31 . 2012-01-04 08:31 -------- d-----w- c:\users\Bary\AppData\Roaming\Serif
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2012-01-03 12:12 . 2012-01-03 12:12 -------- d-----w- c:\program files\DsNET Corp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2060-08-18 18:02 . 2011-11-21 16:37 2023424 ------w- c:\windows\system32\Vcl50.bpl
2060-08-18 18:02 . 2011-11-21 16:37 1496064 ------w- c:\windows\system32\Cc3250mt.dll
2060-08-18 18:02 . 2011-11-21 16:37 248832 ------w- c:\windows\system32\Vclx50.bpl
2060-08-18 17:40 . 2011-11-21 16:36 909824 ------w- c:\windows\system32\Cp3245mt.dll
2060-08-18 17:40 . 2011-11-21 16:36 24064 ------w- c:\windows\system32\Borlndmm.dll
2012-01-29 09:52 . 2012-01-29 09:52 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FDD9EE15-5D52-4B9D-880D-8F4257CC6A20}\offreg.dll
2012-01-19 11:25 . 2011-03-18 16:04 47360 ----a-w- c:\users\Bary\AppData\Roaming\pcouffin.sys
2012-01-19 11:04 . 2011-03-18 16:04 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2012-01-17 03:39 . 2012-01-27 07:27 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FDD9EE15-5D52-4B9D-880D-8F4257CC6A20}\mpengine.dll
2011-12-24 17:46 . 2011-12-24 17:46 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-24 17:46 . 2011-12-24 17:46 161792 ----a-w- c:\windows\system32\msls31.dll
2011-12-24 17:46 . 2011-12-24 17:46 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-24 17:46 . 2011-12-24 17:46 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-12-24 17:46 . 2011-12-24 17:46 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-24 17:46 . 2011-12-24 17:46 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-12-24 17:46 . 2011-12-24 17:46 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-12-24 17:46 . 2011-12-24 17:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-12-24 17:46 . 2011-12-24 17:46 367104 ----a-w- c:\windows\system32\html.iec
2011-12-24 17:46 . 2011-12-24 17:46 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-24 17:46 . 2011-12-24 17:46 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-24 17:46 . 2011-12-24 17:46 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-12-24 17:46 . 2011-12-24 17:46 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-12-24 17:46 . 2011-12-24 17:46 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-12-24 17:46 . 2011-12-24 17:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-24 17:46 . 2011-12-24 17:46 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-12-24 17:46 . 2011-12-24 17:46 152064 ----a-w- c:\windows\system32\wextract.exe
2011-12-24 17:46 . 2011-12-24 17:46 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-12-24 17:46 . 2011-12-24 17:46 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-12-24 17:46 . 2011-12-24 17:46 11776 ----a-w- c:\windows\system32\mshta.exe
2011-12-24 17:46 . 2011-12-24 17:46 101888 ----a-w- c:\windows\system32\admparse.dll
2011-12-15 21:54 . 2010-05-03 09:53 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-08 11:10 . 2011-12-08 11:10 158056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin
2011-12-07 09:08 . 2010-02-19 20:10 236576 ------w- c:\windows\system32\MpSigStub.exe
2011-11-24 04:25 . 2011-12-15 22:02 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 16:34 . 2011-11-21 16:34 4608 ----a-w- c:\windows\system32\w95inf32.dll
2011-11-21 16:34 . 2011-11-21 16:34 2272 ----a-w- c:\windows\system32\w95inf16.dll
2011-11-05 04:26 . 2011-12-15 22:02 2048 ----a-w- c:\windows\system32\tzres.dll
2012-01-19 08:39 . 2011-04-09 05:39 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
2011-12-22 21:17 262312 ----a-w- c:\program files\blekkotb\auxi\blekkoAu.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
2011-12-22 21:16 86696 ----a-w- c:\program files\blekkotb\blekkoDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{26c9e18c-3717-4be1-a225-04e4471f5b6e}"= "c:\program files\blekkotb\blekkoDx.dll" [2011-12-22 86696]
.
[HKEY_CLASSES_ROOT\clsid\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056]
"NokiaPCInternetAccess"="c:\program files\Nokia\PC Internet Access\NPCIA.exe" [2009-09-17 663552]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-07 98304]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-12-21 206504]
"F-Secure Hoster"="c:\program files\F-Secure\fshoster32.exe" [2011-10-04 156328]
"F-Secure Manager"="c:\program files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" [2011-10-04 311976]
.
c:\users\Bary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 MpKsl13ece6e7;MpKsl13ece6e7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{00CCDCAF-7164-4021-B773-910746B08311}\MpKsl13ece6e7.sys [x]
R1 MpKsl1c1a23cc;MpKsl1c1a23cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7150FB3C-DE07-4B24-8AB9-16D0453D5853}\MpKsl1c1a23cc.sys [x]
R1 MpKsl1d733eac;MpKsl1d733eac;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{944C9B16-29D3-4AAF-AF87-C3AAC6B4EB38}\MpKsl1d733eac.sys [x]
R1 MpKsl25f4e036;MpKsl25f4e036;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{022257E2-A9E4-4AF7-A563-EDC8A9EC7978}\MpKsl25f4e036.sys [x]
R1 MpKsl2f363a1f;MpKsl2f363a1f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{34AFDA13-433D-4E65-AC73-19CC7CF9D19C}\MpKsl2f363a1f.sys [x]
R1 MpKsl3132231f;MpKsl3132231f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{34AFDA13-433D-4E65-AC73-19CC7CF9D19C}\MpKsl3132231f.sys [x]
R1 MpKsl32b32ac0;MpKsl32b32ac0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2DFEA8A1-77CE-498C-8550-C734C95565C1}\MpKsl32b32ac0.sys [x]
R1 MpKsl32e53249;MpKsl32e53249;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{34AFDA13-433D-4E65-AC73-19CC7CF9D19C}\MpKsl32e53249.sys [x]
R1 MpKsl4f4770fa;MpKsl4f4770fa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DBC7B705-D0EB-4350-AFDF-AA374D6A8358}\MpKsl4f4770fa.sys [x]
R1 MpKsl5ad98acd;MpKsl5ad98acd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6F158D2-2F64-4FDB-AD77-94DEEC2E30FC}\MpKsl5ad98acd.sys [x]
R1 MpKsl9ea3d989;MpKsl9ea3d989;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A3CECA5F-50FB-4785-9A25-CD59F69D0615}\MpKsl9ea3d989.sys [x]
R1 MpKslaf34cc94;MpKslaf34cc94;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A3CECA5F-50FB-4785-9A25-CD59F69D0615}\MpKslaf34cc94.sys [x]
R1 MpKslbf733915;MpKslbf733915;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CE562FD9-4829-4859-A1CD-FA1421BB749E}\MpKslbf733915.sys [x]
R1 MpKsle4de4ba5;MpKsle4de4ba5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AF4AFEE3-E682-406B-BB24-610F22D4750D}\MpKsle4de4ba5.sys [x]
R1 MpKslf67958e7;MpKslf67958e7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FD4A4CCA-D621-4B77-A912-BC7B4C683F7C}\MpKslf67958e7.sys [x]
R1 MpKslff9d0e46;MpKslff9d0e46;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C078E01-C652-45B6-935E-730B44B6D638}\MpKslff9d0e46.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 GJNYKIOIR;GJNYKIOIR;c:\users\Bary\AppData\Local\Temp\GJNYKIOIR.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 MosIrUsb;MosIrUsb.sys;c:\windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 22016]
R3 MXCDA;MXCDA;c:\users\Bary\AppData\Local\Temp\MXCDA.exe [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 OVFIFL;OVFIFL;c:\users\Bary\AppData\Local\Temp\OVFIFL.exe [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2012-01-19 47360]
R3 stusb2ir;USB 2.0 IrDA Bridge;c:\windows\system32\DRIVERS\stusb2ir.sys [2008-01-19 41728]
R3 TONAZ;TONAZ;c:\users\Bary\AppData\Local\Temp\TONAZ.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TVOKOOYB;TVOKOOYB;c:\users\Bary\AppData\Local\Temp\TVOKOOYB.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-05 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-01-26 42672]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-11 691696]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2012-01-26 73192]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-10-04 37928]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-10-04 72872]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2011-10-04 14504]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-07 176128]
S2 fshoster;F-Secure Dll Hoster;c:\program files\F-Secure\fshoster32.exe [2011-10-04 156328]
S2 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\apps\CCF_Reputation\fsorsp.exe [2011-10-05 61112]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2012-01-26 148632]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000Core.job
- c:\users\Bary\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-03 18:45]
.
2012-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000UA.job
- c:\users\Bary\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-03 18:45]
.
2012-01-27 c:\windows\Tasks\Norton Security Scan for Bary.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-07-13 07:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2475029
mStart Page = hxxp://www.bigseekpro.com/dvdstyler/{8A7936D9- ... 444AAFEAF5}
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
URLSearchHooks-{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file)
HKCU-Run-Polar Sync - (no file)
AddRemove-Data Access Objects (DAO) 3.5 - c:\program files\Common Files\Microsoft Shared\DAO\Uninst.isu
AddRemove-LifeGlobe Goldfish Aquarium 2.0_is1 - c:\program files\Prolific Publishing
AddRemove-Nokia PC Internet Access - c:\programdata\Installations\{9652B1F8-F795-46D5-A23F-9C3C41647E51}\INSTALLER.EXE
AddRemove-ClickPotatoLiteSA - c:\users\Bary\AppData\Local\ClickPotatoLiteSA\bin\12.0.15.0\ClickPotatoLiteUninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fshoster]
"ImagePath"="\"c:\program files\F-Secure\fshoster32.exe\" -hosterid:0"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5408)
c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Photodex\ProShowGold\ScsiAccess.exe
c:\program files\Common Files\YDP\UserAccessManager\useraccess.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\program files\F-Secure\apps\ComputerSecurity\Gadget\fsgadget.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkový čas: 2012-01-29 11:04:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-29 10:04
.
Před spuštěním: Volných bajtů: 39 625 494 528
Po spuštění: Volných bajtů: 39 143 890 944
.
- - End Of File - - 49D610D1CEE3C5A0B25462F84B567039
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5408)
c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Photodex\ProShowGold\ScsiAccess.exe
c:\program files\Common Files\YDP\UserAccessManager\useraccess.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\program files\F-Secure\apps\ComputerSecurity\Gadget\fsgadget.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkový čas: 2012-01-29 11:04:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-29 10:04
.
Před spuštěním: Volných bajtů: 39 625 494 528
Po spuštění: Volných bajtů: 39 143 890 944
.
- - End Of File - - 49D610D1CEE3C5A0B25462F84B567039
Re: Please check my log, thank you

- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
KillAll::

Driver::
MpKsl13ece6e7
MpKsl1c1a23cc
MpKsl1d733eac
MpKsl25f4e036
MpKsl2f363a1f
MpKsl3132231f
MpKsl32b32ac0
MpKsl32e53249
MpKsl4f4770fa
MpKsl5ad98acd
MpKsl9ea3d989
MpKslaf34cc94
MpKslbf733915
MpKsle4de4ba5
MpKslf67958e7
MpKslff9d0e46
GJNYKIOIR
MXCDA
OVFIFL
TONAZ
TVOKOOYB

Collect::
c:\users\Bary\AppData\Local\Temp\GJNYKIOIR.exe
c:\users\Bary\AppData\Local\Temp\MXCDA.exe
c:\users\Bary\AppData\Local\Temp\OVFIFL.exe
c:\users\Bary\AppData\Local\Temp\TONAZ.exe
c:\users\Bary\AppData\Local\Temp\TVOKOOYB.exe

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}

DDS::
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT2475029
mStart Page = hxxp://www.bigseekpro.com/dvdstyler/{8A7936D9-F1A0-4F1A-857C-C7444AAFEAF5}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

Firefox::
FF - ProfilePath - c:\users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search

File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000UA.job
c:\windows\Tasks\Norton Security Scan for Bary.job
C:\Program Files\blekkotb\blekkoDx.dll

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"=-
"StartCCC"=-
"NokiaMusic FastStart"=-
"DivXUpdate"=-
"DivX Download Manager"=-
"SunJavaUpdateSched"="-
"Adobe ARM"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{26c9e18c-3717-4be1-a225-04e4471f5b6e}"=-

ClearJavaCache::

Reboot::
- Save the resulting TXT file as CFScript.txt
- Drag the CFScript.txt you created onto ComboFix and drop it (see the picture below)
- After the script has been applied (and after a restart, if one occurs), a log will pop up; paste its contents here

Re: Please check my log, thank you
ComboFix 12-01-29.01 - Bary 29.01.2012 19:08:01.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3037.1833 [GMT 1:00]
Spuštěný z: c:\users\Bary\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Bary\Desktop\CFScript.txt.txt
AV: Anti-Virus *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Anti-Virus *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\blekkotb\blekkoDx.dll"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000UA.job"
"c:\windows\Tasks\Norton Security Scan for Bary.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\blekkotb\blekkoDx.dll
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000UA.job
c:\windows\Tasks\Norton Security Scan for Bary.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MPKSL13ECE6E7
-------\Legacy_MPKSL1C1A23CC
-------\Legacy_MPKSL1D733EAC
-------\Legacy_MPKSL25F4E036
-------\Legacy_MPKSL2F363A1F
-------\Legacy_MPKSL3132231F
-------\Legacy_MPKSL32B32AC0
-------\Legacy_MPKSL32E53249
-------\Legacy_MPKSL5AD98ACD
-------\Legacy_MPKSL9EA3D989
-------\Legacy_MPKSLAF34CC94
-------\Legacy_MPKSLBF733915
-------\Legacy_MPKSLE4DE4BA5
-------\Legacy_MPKSLF67958E7
-------\Legacy_MPKSLFF9D0E46
-------\Service_GJNYKIOIR
-------\Service_MpKsl13ece6e7
-------\Service_MpKsl1c1a23cc
-------\Service_MpKsl1d733eac
-------\Service_MpKsl25f4e036
-------\Service_MpKsl2f363a1f
-------\Service_MpKsl3132231f
-------\Service_MpKsl32b32ac0
-------\Service_MpKsl32e53249
-------\Service_MpKsl4f4770fa
-------\Service_MpKsl5ad98acd
-------\Service_MpKsl9ea3d989
-------\Service_MpKslaf34cc94
-------\Service_MpKslbf733915
-------\Service_MpKsle4de4ba5
-------\Service_MpKslf67958e7
-------\Service_MpKslff9d0e46
-------\Service_MXCDA
-------\Service_OVFIFL
-------\Service_TONAZ
-------\Service_TVOKOOYB
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-28 do 2012-01-29 )))))))))))))))))))))))))))))))
.
.
2012-01-29 18:14 . 2012-01-29 18:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-27 11:20 . 2012-01-27 11:20 -------- d-----w- C:\rsit
2012-01-26 20:04 . 2012-01-26 20:04 42672 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-01-26 20:04 . 2011-10-04 16:00 37928 ----a-w- c:\windows\system32\drivers\fses.sys
2012-01-26 20:04 . 2011-10-04 16:00 72872 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2012-01-26 20:01 . 2012-01-26 20:01 -------- d-----w- c:\programdata\fssg
2012-01-26 20:00 . 2012-01-26 20:00 -------- d-----w- c:\program files\F-Secure
2012-01-26 20:00 . 2012-01-26 20:04 -------- d-----w- c:\programdata\F-Secure
2012-01-22 16:01 . 2012-01-22 16:01 -------- d-----w- c:\program files\Xilisoft
2012-01-19 11:20 . 2012-01-22 14:26 -------- d-----w- c:\users\Bary\AppData\Local\WinAVI
2012-01-19 11:19 . 2012-01-19 11:19 -------- d-----w- c:\program files\WinAVI Video Converter 9.0
2012-01-19 11:19 . 2012-01-19 11:19 -------- d-----w- c:\windows\WinAVI Video Converter 9.0
2012-01-19 09:03 . 2012-01-19 09:03 -------- d-----w- c:\program files\Xvid
2012-01-19 09:03 . 2009-06-07 15:25 77824 ----a-w- c:\windows\system32\xvid.ax
2012-01-19 09:03 . 2009-06-07 15:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2012-01-19 09:03 . 2009-06-07 15:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
2012-01-19 09:03 . 2010-03-02 23:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2012-01-19 09:03 . 2012-01-19 09:03 -------- d-----w- c:\program files\ffdshow
2012-01-19 09:03 . 2012-01-19 09:03 -------- d-----w- c:\program files\Haali
2012-01-19 09:02 . 2012-01-19 09:11 -------- d-----w- c:\program files\AviSynth 2.5
2012-01-19 09:01 . 2012-01-19 09:11 -------- d-----w- c:\program files\Avi2Dvd
2012-01-19 08:56 . 2007-08-31 17:36 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2012-01-19 08:56 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2012-01-19 08:39 . 2012-01-19 08:39 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-19 08:39 . 2012-01-19 08:39 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-19 08:39 . 2012-01-19 08:39 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-19 08:39 . 2012-01-19 08:39 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-19 08:22 . 2012-01-19 08:22 -------- d-----w- c:\users\Bary\.thumb
2012-01-11 19:08 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 19:08 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 19:08 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 19:07 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-04 16:30 . 2012-01-04 16:30 -------- d-----w- c:\users\Bary\AppData\Local\blekkotb
2012-01-04 16:30 . 2012-01-29 18:16 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-01-04 16:30 . 2012-01-29 18:14 -------- d-----w- c:\program files\blekkotb
2012-01-04 09:17 . 2012-01-04 09:17 -------- d-----w- c:\users\Bary\AppData\Local\Apps
2012-01-04 09:17 . 2012-01-04 19:27 -------- d-----w- c:\users\Bary\AppData\Local\Deployment
2012-01-04 08:39 . 2012-01-27 09:32 -------- d-----w- c:\users\Bary\AppData\Local\Conduit
2012-01-04 08:31 . 2012-01-04 08:31 -------- d-----w- c:\users\Bary\AppData\Roaming\Serif
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2012-01-03 12:12 . 2012-01-03 12:12 -------- d-----w- c:\program files\DsNET Corp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2060-08-18 18:02 . 2011-11-21 16:37 2023424 ------w- c:\windows\system32\Vcl50.bpl
2060-08-18 18:02 . 2011-11-21 16:37 1496064 ------w- c:\windows\system32\Cc3250mt.dll
2060-08-18 18:02 . 2011-11-21 16:37 248832 ------w- c:\windows\system32\Vclx50.bpl
2060-08-18 17:40 . 2011-11-21 16:36 909824 ------w- c:\windows\system32\Cp3245mt.dll
2060-08-18 17:40 . 2011-11-21 16:36 24064 ------w- c:\windows\system32\Borlndmm.dll
2012-01-29 09:52 . 2012-01-29 09:52 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FDD9EE15-5D52-4B9D-880D-8F4257CC6A20}\offreg.dll
2012-01-19 11:25 . 2011-03-18 16:04 47360 ----a-w- c:\users\Bary\AppData\Roaming\pcouffin.sys
2012-01-19 11:04 . 2011-03-18 16:04 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2012-01-17 03:39 . 2012-01-27 07:27 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FDD9EE15-5D52-4B9D-880D-8F4257CC6A20}\mpengine.dll
2011-12-24 17:46 . 2011-12-24 17:46 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-24 17:46 . 2011-12-24 17:46 161792 ----a-w- c:\windows\system32\msls31.dll
2011-12-24 17:46 . 2011-12-24 17:46 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-24 17:46 . 2011-12-24 17:46 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-12-24 17:46 . 2011-12-24 17:46 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-24 17:46 . 2011-12-24 17:46 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-12-24 17:46 . 2011-12-24 17:46 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-12-24 17:46 . 2011-12-24 17:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-12-24 17:46 . 2011-12-24 17:46 367104 ----a-w- c:\windows\system32\html.iec
2011-12-24 17:46 . 2011-12-24 17:46 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-24 17:46 . 2011-12-24 17:46 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-24 17:46 . 2011-12-24 17:46 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-12-24 17:46 . 2011-12-24 17:46 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-12-24 17:46 . 2011-12-24 17:46 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-12-24 17:46 . 2011-12-24 17:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-24 17:46 . 2011-12-24 17:46 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-12-24 17:46 . 2011-12-24 17:46 152064 ----a-w- c:\windows\system32\wextract.exe
2011-12-24 17:46 . 2011-12-24 17:46 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-12-24 17:46 . 2011-12-24 17:46 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-12-24 17:46 . 2011-12-24 17:46 11776 ----a-w- c:\windows\system32\mshta.exe
2011-12-24 17:46 . 2011-12-24 17:46 101888 ----a-w- c:\windows\system32\admparse.dll
2011-12-15 21:54 . 2010-05-03 09:53 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-08 11:10 . 2011-12-08 11:10 158056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin
2011-12-07 09:08 . 2010-02-19 20:10 236576 ------w- c:\windows\system32\MpSigStub.exe
2011-11-24 04:25 . 2011-12-15 22:02 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 16:34 . 2011-11-21 16:34 4608 ----a-w- c:\windows\system32\w95inf32.dll
2011-11-21 16:34 . 2011-11-21 16:34 2272 ----a-w- c:\windows\system32\w95inf16.dll
2011-11-05 04:26 . 2011-12-15 22:02 2048 ----a-w- c:\windows\system32\tzres.dll
2012-01-19 08:39 . 2011-04-09 05:39 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
2011-12-22 21:17 262312 ----a-w- c:\program files\blekkotb\auxi\blekkoAu.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaPCInternetAccess"="c:\program files\Nokia\PC Internet Access\NPCIA.exe" [2009-09-17 663552]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-12-21 206504]
"F-Secure Hoster"="c:\program files\F-Secure\fshoster32.exe" [2011-10-04 156328]
"F-Secure Manager"="c:\program files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" [2011-10-04 311976]
.
c:\users\Bary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 MosIrUsb;MosIrUsb.sys;c:\windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 22016]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2012-01-19 47360]
R3 stusb2ir;USB 2.0 IrDA Bridge;c:\windows\system32\DRIVERS\stusb2ir.sys [2008-01-19 41728]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-05 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-01-26 42672]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-11 691696]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2012-01-26 73192]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-10-04 37928]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-10-04 72872]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2011-10-04 14504]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-07 176128]
S2 fshoster;F-Secure Dll Hoster;c:\program files\F-Secure\fshoster32.exe [2011-10-04 156328]
S2 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\apps\CCF_Reputation\fsorsp.exe [2011-10-05 61112]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2012-01-26 148632]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{26c9e18c-3717-4be1-a225-04e4471f5b6e} - c:\program files\blekkotb\blekkoDx.dll
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fshoster]
"ImagePath"="\"c:\program files\F-Secure\fshoster32.exe\" -hosterid:0"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4916)
c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe
c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Photodex\ProShowGold\ScsiAccess.exe
c:\program files\Common Files\YDP\UserAccessManager\useraccess.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe
c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\F-Secure\apps\ComputerSecurity\Gadget\fsgadget.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-01-29 19:21:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-29 18:21
ComboFix2.txt 2012-01-29 10:04
.
Před spuštěním: Volných bajtů: 39 220 613 120
Po spuštění: Volných bajtů: 38 775 504 896
.
- - End Of File - - E1FD7C17B1C4CDF77EC83434ABF89738
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3037.1833 [GMT 1:00]
Spuštěný z: c:\users\Bary\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Bary\Desktop\CFScript.txt.txt
AV: Anti-Virus *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Anti-Virus *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\blekkotb\blekkoDx.dll"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000UA.job"
"c:\windows\Tasks\Norton Security Scan for Bary.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\blekkotb\blekkoDx.dll
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000UA.job
c:\windows\Tasks\Norton Security Scan for Bary.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MPKSL13ECE6E7
-------\Legacy_MPKSL1C1A23CC
-------\Legacy_MPKSL1D733EAC
-------\Legacy_MPKSL25F4E036
-------\Legacy_MPKSL2F363A1F
-------\Legacy_MPKSL3132231F
-------\Legacy_MPKSL32B32AC0
-------\Legacy_MPKSL32E53249
-------\Legacy_MPKSL5AD98ACD
-------\Legacy_MPKSL9EA3D989
-------\Legacy_MPKSLAF34CC94
-------\Legacy_MPKSLBF733915
-------\Legacy_MPKSLE4DE4BA5
-------\Legacy_MPKSLF67958E7
-------\Legacy_MPKSLFF9D0E46
-------\Service_GJNYKIOIR
-------\Service_MpKsl13ece6e7
-------\Service_MpKsl1c1a23cc
-------\Service_MpKsl1d733eac
-------\Service_MpKsl25f4e036
-------\Service_MpKsl2f363a1f
-------\Service_MpKsl3132231f
-------\Service_MpKsl32b32ac0
-------\Service_MpKsl32e53249
-------\Service_MpKsl4f4770fa
-------\Service_MpKsl5ad98acd
-------\Service_MpKsl9ea3d989
-------\Service_MpKslaf34cc94
-------\Service_MpKslbf733915
-------\Service_MpKsle4de4ba5
-------\Service_MpKslf67958e7
-------\Service_MpKslff9d0e46
-------\Service_MXCDA
-------\Service_OVFIFL
-------\Service_TONAZ
-------\Service_TVOKOOYB
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-28 do 2012-01-29 )))))))))))))))))))))))))))))))
.
.
2012-01-29 18:14 . 2012-01-29 18:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-27 11:20 . 2012-01-27 11:20 -------- d-----w- C:\rsit
2012-01-26 20:04 . 2012-01-26 20:04 42672 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-01-26 20:04 . 2011-10-04 16:00 37928 ----a-w- c:\windows\system32\drivers\fses.sys
2012-01-26 20:04 . 2011-10-04 16:00 72872 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2012-01-26 20:01 . 2012-01-26 20:01 -------- d-----w- c:\programdata\fssg
2012-01-26 20:00 . 2012-01-26 20:00 -------- d-----w- c:\program files\F-Secure
2012-01-26 20:00 . 2012-01-26 20:04 -------- d-----w- c:\programdata\F-Secure
2012-01-22 16:01 . 2012-01-22 16:01 -------- d-----w- c:\program files\Xilisoft
2012-01-19 11:20 . 2012-01-22 14:26 -------- d-----w- c:\users\Bary\AppData\Local\WinAVI
2012-01-19 11:19 . 2012-01-19 11:19 -------- d-----w- c:\program files\WinAVI Video Converter 9.0
2012-01-19 11:19 . 2012-01-19 11:19 -------- d-----w- c:\windows\WinAVI Video Converter 9.0
2012-01-19 09:03 . 2012-01-19 09:03 -------- d-----w- c:\program files\Xvid
2012-01-19 09:03 . 2009-06-07 15:25 77824 ----a-w- c:\windows\system32\xvid.ax
2012-01-19 09:03 . 2009-06-07 15:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2012-01-19 09:03 . 2009-06-07 15:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
2012-01-19 09:03 . 2010-03-02 23:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2012-01-19 09:03 . 2012-01-19 09:03 -------- d-----w- c:\program files\ffdshow
2012-01-19 09:03 . 2012-01-19 09:03 -------- d-----w- c:\program files\Haali
2012-01-19 09:02 . 2012-01-19 09:11 -------- d-----w- c:\program files\AviSynth 2.5
2012-01-19 09:01 . 2012-01-19 09:11 -------- d-----w- c:\program files\Avi2Dvd
2012-01-19 08:56 . 2007-08-31 17:36 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2012-01-19 08:56 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2012-01-19 08:39 . 2012-01-19 08:39 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-19 08:39 . 2012-01-19 08:39 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-19 08:39 . 2012-01-19 08:39 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-19 08:39 . 2012-01-19 08:39 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-19 08:22 . 2012-01-19 08:22 -------- d-----w- c:\users\Bary\.thumb
2012-01-11 19:08 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 19:08 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 19:08 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 19:07 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-04 16:30 . 2012-01-04 16:30 -------- d-----w- c:\users\Bary\AppData\Local\blekkotb
2012-01-04 16:30 . 2012-01-29 18:16 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-01-04 16:30 . 2012-01-29 18:14 -------- d-----w- c:\program files\blekkotb
2012-01-04 09:17 . 2012-01-04 09:17 -------- d-----w- c:\users\Bary\AppData\Local\Apps
2012-01-04 09:17 . 2012-01-04 19:27 -------- d-----w- c:\users\Bary\AppData\Local\Deployment
2012-01-04 08:39 . 2012-01-27 09:32 -------- d-----w- c:\users\Bary\AppData\Local\Conduit
2012-01-04 08:31 . 2012-01-04 08:31 -------- d-----w- c:\users\Bary\AppData\Roaming\Serif
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2012-01-03 12:12 . 2012-01-03 12:12 -------- d-----w- c:\program files\DsNET Corp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2060-08-18 18:02 . 2011-11-21 16:37 2023424 ------w- c:\windows\system32\Vcl50.bpl
2060-08-18 18:02 . 2011-11-21 16:37 1496064 ------w- c:\windows\system32\Cc3250mt.dll
2060-08-18 18:02 . 2011-11-21 16:37 248832 ------w- c:\windows\system32\Vclx50.bpl
2060-08-18 17:40 . 2011-11-21 16:36 909824 ------w- c:\windows\system32\Cp3245mt.dll
2060-08-18 17:40 . 2011-11-21 16:36 24064 ------w- c:\windows\system32\Borlndmm.dll
2012-01-29 09:52 . 2012-01-29 09:52 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FDD9EE15-5D52-4B9D-880D-8F4257CC6A20}\offreg.dll
2012-01-19 11:25 . 2011-03-18 16:04 47360 ----a-w- c:\users\Bary\AppData\Roaming\pcouffin.sys
2012-01-19 11:04 . 2011-03-18 16:04 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2012-01-17 03:39 . 2012-01-27 07:27 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FDD9EE15-5D52-4B9D-880D-8F4257CC6A20}\mpengine.dll
2011-12-24 17:46 . 2011-12-24 17:46 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-24 17:46 . 2011-12-24 17:46 161792 ----a-w- c:\windows\system32\msls31.dll
2011-12-24 17:46 . 2011-12-24 17:46 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-24 17:46 . 2011-12-24 17:46 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-12-24 17:46 . 2011-12-24 17:46 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-24 17:46 . 2011-12-24 17:46 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-12-24 17:46 . 2011-12-24 17:46 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-12-24 17:46 . 2011-12-24 17:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-12-24 17:46 . 2011-12-24 17:46 367104 ----a-w- c:\windows\system32\html.iec
2011-12-24 17:46 . 2011-12-24 17:46 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-24 17:46 . 2011-12-24 17:46 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-24 17:46 . 2011-12-24 17:46 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-12-24 17:46 . 2011-12-24 17:46 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-12-24 17:46 . 2011-12-24 17:46 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-12-24 17:46 . 2011-12-24 17:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-24 17:46 . 2011-12-24 17:46 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-12-24 17:46 . 2011-12-24 17:46 152064 ----a-w- c:\windows\system32\wextract.exe
2011-12-24 17:46 . 2011-12-24 17:46 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-12-24 17:46 . 2011-12-24 17:46 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-12-24 17:46 . 2011-12-24 17:46 11776 ----a-w- c:\windows\system32\mshta.exe
2011-12-24 17:46 . 2011-12-24 17:46 101888 ----a-w- c:\windows\system32\admparse.dll
2011-12-15 21:54 . 2010-05-03 09:53 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-08 11:10 . 2011-12-08 11:10 158056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin
2011-12-07 09:08 . 2010-02-19 20:10 236576 ------w- c:\windows\system32\MpSigStub.exe
2011-11-24 04:25 . 2011-12-15 22:02 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 16:34 . 2011-11-21 16:34 4608 ----a-w- c:\windows\system32\w95inf32.dll
2011-11-21 16:34 . 2011-11-21 16:34 2272 ----a-w- c:\windows\system32\w95inf16.dll
2011-11-05 04:26 . 2011-12-15 22:02 2048 ----a-w- c:\windows\system32\tzres.dll
2012-01-19 08:39 . 2011-04-09 05:39 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
2011-12-22 21:17 262312 ----a-w- c:\program files\blekkotb\auxi\blekkoAu.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaPCInternetAccess"="c:\program files\Nokia\PC Internet Access\NPCIA.exe" [2009-09-17 663552]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-12-21 206504]
"F-Secure Hoster"="c:\program files\F-Secure\fshoster32.exe" [2011-10-04 156328]
"F-Secure Manager"="c:\program files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" [2011-10-04 311976]
.
c:\users\Bary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 MosIrUsb;MosIrUsb.sys;c:\windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 22016]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2012-01-19 47360]
R3 stusb2ir;USB 2.0 IrDA Bridge;c:\windows\system32\DRIVERS\stusb2ir.sys [2008-01-19 41728]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-05 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-01-26 42672]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-11 691696]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2012-01-26 73192]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-10-04 37928]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-10-04 72872]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2011-10-04 14504]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-07 176128]
S2 fshoster;F-Secure Dll Hoster;c:\program files\F-Secure\fshoster32.exe [2011-10-04 156328]
S2 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\apps\CCF_Reputation\fsorsp.exe [2011-10-05 61112]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2012-01-26 148632]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{26c9e18c-3717-4be1-a225-04e4471f5b6e} - c:\program files\blekkotb\blekkoDx.dll
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fshoster]
"ImagePath"="\"c:\program files\F-Secure\fshoster32.exe\" -hosterid:0"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4916)
c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe
c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Photodex\ProShowGold\ScsiAccess.exe
c:\program files\Common Files\YDP\UserAccessManager\useraccess.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
c:\program files\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe
c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\F-Secure\apps\ComputerSecurity\Gadget\fsgadget.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-01-29 19:21:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-29 18:21
ComboFix2.txt 2012-01-29 10:04
.
Před spuštěním: Volných bajtů: 39 220 613 120
Po spuštění: Volných bajtů: 38 775 504 896
.
- - End Of File - - E1FD7C17B1C4CDF77EC83434ABF89738
Re: Please check my log, thank you
How is the PC behaving?

Re: Please check my log, thank you
It seems that everything is fine.
Re: Please check my log, thank you

- Rename ComboFix to Uninstall
- Run it
- This will delete ComboFix and its folders

- Download and run
- To confirm the choice, press A, Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (if necessary, turn off the antivirus while downloading)

- Download and run
- Click CleanUp and confirm with YES
- The program will clean up and restart the PC

- Download and run
- Click Start and confirm with OK
- The program will clean up and restart the PC
- Delete the utility after use

Cleaner panel
- Leave everything as it is, just click Analyze and then Run CCleaner
- click Scan for problems
- then Fix problems - I recommend making a registry backup; fix all the problems
- repeat the procedure until no problems are found - usually about 3 times
- Here you can uninstall programs you do not need

Re: Please check my log, thank you
Logfile of random's system information tool 1.09 (written by random/random)
Run by Bary at 2012-01-31 09:07:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 44 GB (18%) free of 250 GB
Total RAM: 3037 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:07:37, on 31.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\F-Secure\fshoster32.exe
C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\F-Secure\apps\ComputerSecurity\Gadget\fsgadget.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Bary\Downloads\RSIT.exe
C:\Windows\system32\taskeng.exe
C:\Users\Bary\Downloads\RSIT.exe
C:\Program Files\trend micro\Bary.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [F-Secure Hoster] "C:\Program Files\F-Secure\fshoster32.exe" -app -hosterid:1
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKCU\..\Run: [NokiaPCInternetAccess] "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Bary\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files\F-Secure\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7224 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2, bkmrksync@nokia.com:1.0.0.732, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, vshare@toolbar:1.0.2, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"fe_5.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_5.0
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
blekkotb.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default\extensions\
engine@conduit.com
maps@ovi.com
vshare@toolbar
{75656794-AB59-4712-BFBC-5D816D56F3BC}
{800b5000-a755-47e1-992b-48a1c1357f07}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
search.xml
web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"F-Secure Hoster"=C:\Program Files\F-Secure\fshoster32.exe [2011-10-04 156328]
"F-Secure Manager"=C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [2011-10-04 311976]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NokiaPCInternetAccess"=C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [2009-09-17 663552]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2011-12-06 187616]
"Google Update"=C:\Users\Bary\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-03 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-phishing Domain Advisor]
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
C:\Program Files\GamePark2\gpcl.exe []
C:\Users\Bary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-12-24 203776]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mjpg"=pvmjpg30.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.siren"=sirenacm.dll
"msacm.l3codecp"=l3codecp.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-01-31 09:01:46 ----D---- C:\rsit
2012-01-31 08:54:34 ----D---- C:\Program Files\CCleaner
2012-01-30 14:45:59 ----A---- C:\Windows\system32\drivers\iaStor.sys
2012-01-30 14:45:42 ----D---- C:\Program Files\Intel
2012-01-29 19:20:48 ----SHD---- C:\$RECYCLE.BIN
2012-01-29 10:48:15 ----D---- C:\Windows\ERDNT
2012-01-26 21:04:37 ----A---- C:\Windows\system32\drivers\fsbts.sys
2012-01-26 21:04:19 ----A---- C:\Windows\system32\drivers\fses.sys
2012-01-26 21:04:18 ----A---- C:\Windows\prodsett_copy.ini
2012-01-26 21:04:17 ----A---- C:\Windows\system32\drivers\fsdfw.sys
2012-01-26 21:01:34 ----D---- C:\ProgramData\fssg
2012-01-26 21:00:48 ----D---- C:\Program Files\F-Secure
2012-01-26 21:00:08 ----D---- C:\ProgramData\F-Secure
2012-01-22 17:01:17 ----D---- C:\Program Files\Xilisoft
2012-01-19 12:19:43 ----D---- C:\Windows\WinAVI Video Converter 9.0
2012-01-19 12:19:43 ----D---- C:\Program Files\WinAVI Video Converter 9.0
2012-01-19 12:08:55 ----D---- C:\Program Files\WinRAR
2012-01-19 10:03:47 ----D---- C:\Program Files\Xvid
2012-01-19 10:03:47 ----A---- C:\Windows\system32\xvidvfw.dll
2012-01-19 10:03:47 ----A---- C:\Windows\system32\xvidcore.dll
2012-01-19 10:03:31 ----A---- C:\Windows\system32\ff_vfw.dll
2012-01-19 10:03:30 ----D---- C:\Program Files\ffdshow
2012-01-19 10:03:12 ----D---- C:\Program Files\Haali
2012-01-19 10:02:32 ----D---- C:\Program Files\AviSynth 2.5
2012-01-19 10:01:49 ----D---- C:\Program Files\Avi2Dvd
2012-01-19 09:56:57 ----A---- C:\Windows\system32\ssubtmr6.dll
2012-01-11 20:08:02 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 20:08:01 ----A---- C:\Windows\system32\packager.dll
2012-01-11 20:08:00 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 20:07:59 ----A---- C:\Windows\system32\qdvd.dll
2012-01-04 09:31:15 ----D---- C:\Users\Bary\AppData\Roaming\Serif
2012-01-03 13:12:25 ----D---- C:\Program Files\DsNET Corp
======List of files/folders modified in the last 1 month======
2060-08-18 19:02:22 ----N---- C:\Windows\system32\Cc3250mt.dll
2060-08-18 18:40:44 ----N---- C:\Windows\system32\Cp3245mt.dll
2060-08-18 18:40:44 ----N---- C:\Windows\system32\Borlndmm.dll
2012-01-31 09:07:37 ----D---- C:\Program Files\trend micro
2012-01-31 09:07:36 ----D---- C:\Windows\Temp
2012-01-31 08:55:48 ----D---- C:\Windows
2012-01-31 08:54:34 ----D---- C:\Program Files
2012-01-31 08:53:57 ----D---- C:\Windows\system32\config
2012-01-31 08:52:01 ----D---- C:\Program Files\Zrychleni Pocitace
2012-01-31 08:39:05 ----SHD---- C:\System Volume Information
2012-01-31 08:38:19 ----D---- C:\Windows\system32\drivers
2012-01-31 08:26:29 ----D---- C:\Windows\Tasks
2012-01-30 14:49:51 ----D---- C:\Windows\system32\catroot
2012-01-30 14:46:37 ----D---- C:\Windows\inf
2012-01-30 14:46:34 ----D---- C:\Windows\system32\DriverStore
2012-01-30 14:45:42 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-30 14:36:34 ----D---- C:\ProgramData
2012-01-30 14:33:57 ----SD---- C:\ProgramData\Microsoft
2012-01-30 14:29:45 ----D---- C:\Windows\System32
2012-01-30 14:28:32 ----SHD---- C:\Windows\Installer
2012-01-30 14:28:29 ----D---- C:\Config.Msi
2012-01-30 14:28:27 ----D---- C:\Windows\system32\Tasks
2012-01-30 14:27:22 ----D---- C:\ProgramData\Norton
2012-01-30 14:27:15 ----D---- C:\ProgramData\Symantec
2012-01-30 14:26:16 ----D---- C:\Windows\pss
2012-01-29 19:16:46 ----A---- C:\Windows\system.ini
2012-01-29 19:16:39 ----D---- C:\Windows\system32\drivers\etc
2012-01-29 19:11:53 ----D---- C:\Windows\AppPatch
2012-01-29 19:11:48 ----D---- C:\Program Files\Common Files
2012-01-29 10:50:18 ----D---- C:\Windows\Prefetch
2012-01-27 10:32:04 ----D---- C:\Program Files\Google
2012-01-27 10:00:15 ----D---- C:\Program Files\Mozilla Firefox
2012-01-27 08:40:31 ----D---- C:\Users\Bary\AppData\Roaming\Skype
2012-01-26 21:04:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-26 21:02:41 ----HD---- C:\Windows\system32\GroupPolicy
2012-01-26 21:00:59 ----D---- C:\Windows\winsxs
2012-01-22 16:56:34 ----D---- C:\Windows\system32\catroot2
2012-01-19 12:25:18 ----D---- C:\Users\Bary\AppData\Roaming\Vso
2012-01-12 18:05:19 ----D---- C:\Windows\debug
2012-01-11 22:37:43 ----D---- C:\Windows\Microsoft.NET
2012-01-11 22:37:27 ----RSD---- C:\Windows\assembly
2012-01-11 22:33:05 ----A---- C:\Windows\system32\MRT.exe
2012-01-11 22:32:55 ----D---- C:\Windows\ehome
2012-01-05 18:05:39 ----SD---- C:\Users\Bary\AppData\Roaming\Microsoft
2012-01-04 09:50:52 ----D---- C:\ProgramData\Installations
2012-01-04 09:31:04 ----RSD---- C:\Windows\Fonts
2012-01-03 10:48:01 ----D---- C:\Users\Bary\AppData\Roaming\DAEMON Tools Lite
2012-01-03 10:47:08 ----D---- C:\Windows\Panther
2012-01-03 10:47:08 ----D---- C:\Windows\ModemLogs
2012-01-03 10:47:08 ----D---- C:\Windows\Minidump
2012-01-03 10:47:08 ----D---- C:\Windows\Logs
2012-01-01 22:29:36 ----D---- C:\Program Files\Microsoft
2012-01-01 22:27:47 ----D---- C:\Windows\system32\Macromed
2012-01-01 22:19:40 ----D---- C:\Program Files\EA SPORTS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2012-01-26 42672]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-11 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2012-01-26 73192]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2011-10-04 37928]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2011-10-04 72872]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2011-10-04 14504]
R1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys [2002-03-19 14165]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-08 4994048]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2012-01-26 148632]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-03-03 48640]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2004-12-03 20544]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-04-29 25280]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MosIrUsb;MosIrUsb.sys; C:\Windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 22016]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-01-19 47360]
S3 PnkBstrK;PnkBstrK; \??\C:\Windows\system32\drivers\PnkBstrK.sys [2011-03-18 137464]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 stusb2ir;USB 2.0 IrDA Bridge; C:\Windows\system32\DRIVERS\stusb2ir.sys [2008-01-19 41728]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-08 176128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe [2011-10-04 221864]
R2 fshoster;F-Secure Dll Hoster; C:\Program Files\F-Secure\fshoster32.exe [2011-10-04 156328]
R2 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\apps\CCF_Reputation\fsorsp.exe [2011-10-05 61112]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2011-12-06 267488]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe [2011-10-04 557736]
R3 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [2011-10-04 213672]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-04-05 1343400]
S4 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-03-06 75064]
S4 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2011-03-18 214520]
S4 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2010-02-19 186760]
S4 UserAccess;Securom User Access for Windows 2000 and Windows XP a technology by Sony DADC; C:\Program Files\Common Files\YDP\UserAccessManager\useraccess.exe [2001-12-21 53248]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Run by Bary at 2012-01-31 09:07:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 44 GB (18%) free of 250 GB
Total RAM: 3037 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:07:37, on 31.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\F-Secure\fshoster32.exe
C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\F-Secure\apps\ComputerSecurity\Gadget\fsgadget.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Bary\Downloads\RSIT.exe
C:\Windows\system32\taskeng.exe
C:\Users\Bary\Downloads\RSIT.exe
C:\Program Files\trend micro\Bary.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [F-Secure Hoster] "C:\Program Files\F-Secure\fshoster32.exe" -app -hosterid:1
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKCU\..\Run: [NokiaPCInternetAccess] "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Bary\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files\F-Secure\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7224 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3239286025-2495322585-12480914-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2, bkmrksync@nokia.com:1.0.0.732, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, vshare@toolbar:1.0.2, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"fe_5.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_5.0
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
blekkotb.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default\extensions\
engine@conduit.com
maps@ovi.com
vshare@toolbar
{75656794-AB59-4712-BFBC-5D816D56F3BC}
{800b5000-a755-47e1-992b-48a1c1357f07}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\tidzd5yy.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
search.xml
web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"F-Secure Hoster"=C:\Program Files\F-Secure\fshoster32.exe [2011-10-04 156328]
"F-Secure Manager"=C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [2011-10-04 311976]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NokiaPCInternetAccess"=C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [2009-09-17 663552]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2011-12-06 187616]
"Google Update"=C:\Users\Bary\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-03 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-phishing Domain Advisor]
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
C:\Program Files\GamePark2\gpcl.exe []
C:\Users\Bary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-12-24 203776]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mjpg"=pvmjpg30.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.siren"=sirenacm.dll
"msacm.l3codecp"=l3codecp.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-01-31 09:01:46 ----D---- C:\rsit
2012-01-31 08:54:34 ----D---- C:\Program Files\CCleaner
2012-01-30 14:45:59 ----A---- C:\Windows\system32\drivers\iaStor.sys
2012-01-30 14:45:42 ----D---- C:\Program Files\Intel
2012-01-29 19:20:48 ----SHD---- C:\$RECYCLE.BIN
2012-01-29 10:48:15 ----D---- C:\Windows\ERDNT
2012-01-26 21:04:37 ----A---- C:\Windows\system32\drivers\fsbts.sys
2012-01-26 21:04:19 ----A---- C:\Windows\system32\drivers\fses.sys
2012-01-26 21:04:18 ----A---- C:\Windows\prodsett_copy.ini
2012-01-26 21:04:17 ----A---- C:\Windows\system32\drivers\fsdfw.sys
2012-01-26 21:01:34 ----D---- C:\ProgramData\fssg
2012-01-26 21:00:48 ----D---- C:\Program Files\F-Secure
2012-01-26 21:00:08 ----D---- C:\ProgramData\F-Secure
2012-01-22 17:01:17 ----D---- C:\Program Files\Xilisoft
2012-01-19 12:19:43 ----D---- C:\Windows\WinAVI Video Converter 9.0
2012-01-19 12:19:43 ----D---- C:\Program Files\WinAVI Video Converter 9.0
2012-01-19 12:08:55 ----D---- C:\Program Files\WinRAR
2012-01-19 10:03:47 ----D---- C:\Program Files\Xvid
2012-01-19 10:03:47 ----A---- C:\Windows\system32\xvidvfw.dll
2012-01-19 10:03:47 ----A---- C:\Windows\system32\xvidcore.dll
2012-01-19 10:03:31 ----A---- C:\Windows\system32\ff_vfw.dll
2012-01-19 10:03:30 ----D---- C:\Program Files\ffdshow
2012-01-19 10:03:12 ----D---- C:\Program Files\Haali
2012-01-19 10:02:32 ----D---- C:\Program Files\AviSynth 2.5
2012-01-19 10:01:49 ----D---- C:\Program Files\Avi2Dvd
2012-01-19 09:56:57 ----A---- C:\Windows\system32\ssubtmr6.dll
2012-01-11 20:08:02 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 20:08:01 ----A---- C:\Windows\system32\packager.dll
2012-01-11 20:08:00 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 20:07:59 ----A---- C:\Windows\system32\qdvd.dll
2012-01-04 09:31:15 ----D---- C:\Users\Bary\AppData\Roaming\Serif
2012-01-03 13:12:25 ----D---- C:\Program Files\DsNET Corp
======List of files/folders modified in the last 1 month======
2060-08-18 19:02:22 ----N---- C:\Windows\system32\Cc3250mt.dll
2060-08-18 18:40:44 ----N---- C:\Windows\system32\Cp3245mt.dll
2060-08-18 18:40:44 ----N---- C:\Windows\system32\Borlndmm.dll
2012-01-31 09:07:37 ----D---- C:\Program Files\trend micro
2012-01-31 09:07:36 ----D---- C:\Windows\Temp
2012-01-31 08:55:48 ----D---- C:\Windows
2012-01-31 08:54:34 ----D---- C:\Program Files
2012-01-31 08:53:57 ----D---- C:\Windows\system32\config
2012-01-31 08:52:01 ----D---- C:\Program Files\Zrychleni Pocitace
2012-01-31 08:39:05 ----SHD---- C:\System Volume Information
2012-01-31 08:38:19 ----D---- C:\Windows\system32\drivers
2012-01-31 08:26:29 ----D---- C:\Windows\Tasks
2012-01-30 14:49:51 ----D---- C:\Windows\system32\catroot
2012-01-30 14:46:37 ----D---- C:\Windows\inf
2012-01-30 14:46:34 ----D---- C:\Windows\system32\DriverStore
2012-01-30 14:45:42 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-30 14:36:34 ----D---- C:\ProgramData
2012-01-30 14:33:57 ----SD---- C:\ProgramData\Microsoft
2012-01-30 14:29:45 ----D---- C:\Windows\System32
2012-01-30 14:28:32 ----SHD---- C:\Windows\Installer
2012-01-30 14:28:29 ----D---- C:\Config.Msi
2012-01-30 14:28:27 ----D---- C:\Windows\system32\Tasks
2012-01-30 14:27:22 ----D---- C:\ProgramData\Norton
2012-01-30 14:27:15 ----D---- C:\ProgramData\Symantec
2012-01-30 14:26:16 ----D---- C:\Windows\pss
2012-01-29 19:16:46 ----A---- C:\Windows\system.ini
2012-01-29 19:16:39 ----D---- C:\Windows\system32\drivers\etc
2012-01-29 19:11:53 ----D---- C:\Windows\AppPatch
2012-01-29 19:11:48 ----D---- C:\Program Files\Common Files
2012-01-29 10:50:18 ----D---- C:\Windows\Prefetch
2012-01-27 10:32:04 ----D---- C:\Program Files\Google
2012-01-27 10:00:15 ----D---- C:\Program Files\Mozilla Firefox
2012-01-27 08:40:31 ----D---- C:\Users\Bary\AppData\Roaming\Skype
2012-01-26 21:04:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-26 21:02:41 ----HD---- C:\Windows\system32\GroupPolicy
2012-01-26 21:00:59 ----D---- C:\Windows\winsxs
2012-01-22 16:56:34 ----D---- C:\Windows\system32\catroot2
2012-01-19 12:25:18 ----D---- C:\Users\Bary\AppData\Roaming\Vso
2012-01-12 18:05:19 ----D---- C:\Windows\debug
2012-01-11 22:37:43 ----D---- C:\Windows\Microsoft.NET
2012-01-11 22:37:27 ----RSD---- C:\Windows\assembly
2012-01-11 22:33:05 ----A---- C:\Windows\system32\MRT.exe
2012-01-11 22:32:55 ----D---- C:\Windows\ehome
2012-01-05 18:05:39 ----SD---- C:\Users\Bary\AppData\Roaming\Microsoft
2012-01-04 09:50:52 ----D---- C:\ProgramData\Installations
2012-01-04 09:31:04 ----RSD---- C:\Windows\Fonts
2012-01-03 10:48:01 ----D---- C:\Users\Bary\AppData\Roaming\DAEMON Tools Lite
2012-01-03 10:47:08 ----D---- C:\Windows\Panther
2012-01-03 10:47:08 ----D---- C:\Windows\ModemLogs
2012-01-03 10:47:08 ----D---- C:\Windows\Minidump
2012-01-03 10:47:08 ----D---- C:\Windows\Logs
2012-01-01 22:29:36 ----D---- C:\Program Files\Microsoft
2012-01-01 22:27:47 ----D---- C:\Windows\system32\Macromed
2012-01-01 22:19:40 ----D---- C:\Program Files\EA SPORTS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2012-01-26 42672]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-11 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2012-01-26 73192]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2011-10-04 37928]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2011-10-04 72872]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2011-10-04 14504]
R1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys [2002-03-19 14165]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-08 4994048]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2012-01-26 148632]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-03-03 48640]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2004-12-03 20544]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-04-29 25280]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MosIrUsb;MosIrUsb.sys; C:\Windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 22016]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-01-19 47360]
S3 PnkBstrK;PnkBstrK; \??\C:\Windows\system32\drivers\PnkBstrK.sys [2011-03-18 137464]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 stusb2ir;USB 2.0 IrDA Bridge; C:\Windows\system32\DRIVERS\stusb2ir.sys [2008-01-19 41728]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-08 176128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe [2011-10-04 221864]
R2 fshoster;F-Secure Dll Hoster; C:\Program Files\F-Secure\fshoster32.exe [2011-10-04 156328]
R2 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\apps\CCF_Reputation\fsorsp.exe [2011-10-05 61112]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2011-12-06 267488]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe [2011-10-04 557736]
R3 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [2011-10-04 213672]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-04-05 1343400]
S4 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-03-06 75064]
S4 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2011-03-18 214520]
S4 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2010-02-19 186760]
S4 UserAccess;Securom User Access for Windows 2000 and Windows XP a technology by Sony DADC; C:\Program Files\Common Files\YDP\UserAccessManager\useraccess.exe [2001-12-21 53248]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------