PC mi poslední dobou zpomalilo, dnes mi dokonce zamrznul a nereagoval na nic, musel jsem vypnout natvrdo.
Přikládám log RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Otakar Vavrečka at 2013-04-14 10:13:03
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (14%) free of 158 GB
Total RAM: 3066 MB (64% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DriverCure Startup.job
C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension32.dll [2013-02-05 167424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-10 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~1\WIA6EB~1\Datamngr\BROWSE~1.DLL [2011-11-10 101272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-10 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
10
{AF3D7884-B142-414E-943D-75D8D54E1FFF}
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"hppwrsav"=C:\SCANJET\PrecisionScanLT\hppwrsav.exe [1999-06-07 23552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Google Update"=C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 136176]
"cz.seznam.software.autoupdate"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"cz.seznam.software.szndesktop"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]
"Seznam Postak"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe [2012-12-19 323752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files\Seznam.cz\postak.exe -s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-06-03 880528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Update Scheduler for Proteus Professional 7.lnk - C:\Program Files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-04-14 10:13:03 ----D---- C:\rsit
2013-04-10 08:18:21 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 08:17:40 ----D---- C:\Program Files\VideoLAN
2013-04-10 07:20:51 ----A---- C:\Windows\system32\jscript.dll
2013-04-10 07:20:50 ----A---- C:\Windows\system32\jscript9.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\ieui.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\iesetup.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\urlmon.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-10 07:20:48 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\iernonce.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-10 07:20:47 ----A---- C:\Windows\system32\iertutil.dll
2013-04-10 07:20:44 ----A---- C:\Windows\system32\wininet.dll
2013-04-10 07:20:42 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 07:20:39 ----A---- C:\Windows\system32\mshtml.dll
2013-04-10 07:10:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 07:10:14 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-04-10 07:10:12 ----A---- C:\Windows\system32\smss.exe
2013-04-10 07:10:12 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-09 15:12:56 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-04-09 15:12:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-04-09 15:12:54 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\wksprtPS.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-04-09 15:12:48 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\aaclient.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\wksprt.exe
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpudd.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpcorets.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\mstsc.exe
2013-04-09 15:12:46 ----A---- C:\Windows\system32\mstscax.dll
2013-04-09 15:10:19 ----A---- C:\Windows\system32\KernelBase.dll
2013-04-09 15:10:19 ----A---- C:\Windows\system32\conhost.exe
2013-04-09 15:10:18 ----A---- C:\Windows\system32\kernel32.dll
2013-04-09 15:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-04-09 15:10:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-04-09 15:09:51 ----A---- C:\Windows\system32\Wpc.dll
2013-04-09 15:09:51 ----A---- C:\Windows\system32\gameux.dll
2013-04-09 15:09:38 ----A---- C:\Windows\system32\profsvc.dll
2013-04-09 15:09:37 ----A---- C:\Windows\system32\qdvd.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\netcorehc.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\ncsi.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\nlasvc.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\nlaapi.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\netevent.dll
2013-04-09 15:09:24 ----A---- C:\Windows\system32\spoolsv.exe
2013-04-09 15:09:22 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-04-09 15:09:16 ----A---- C:\Windows\system32\msi.dll
2013-04-09 15:09:15 ----A---- C:\Windows\system32\usp10.dll
2013-04-09 15:09:13 ----A---- C:\Windows\system32\srcore.dll
2013-04-09 15:08:00 ----A---- C:\Windows\system32\schannel.dll
2013-04-09 15:07:59 ----A---- C:\Windows\system32\lsasrv.dll
2013-04-09 15:06:22 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-04-09 15:06:22 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-04-09 14:54:33 ----A---- C:\Windows\system32\Wdfres.dll
2013-04-09 14:53:51 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-04-09 14:53:51 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFx.dll
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFHost.exe
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\wextract.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\webcheck.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\vbscript.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\url.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\occache.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msrating.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msls31.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshta.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\inseng.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\imgutil.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iexpress.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iepeers.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\icardie.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\elshyph.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\XpsPrint.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WMPhoto.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\UIAnimation.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\FntCache.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\dxgi.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\DWrite.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d11.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10warp.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10level9.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10core.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10_1.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d2d1.dll
2013-04-09 12:32:51 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 12:32:24 ----A---- C:\Windows\system32\rmoc3260.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\pndx5032.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\pndx5016.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\msvcp71.dll
2013-04-09 12:32:23 ----D---- C:\Program Files\Real Alternative
2013-04-07 21:10:07 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 21:09:54 ----D---- C:\Program Files\iSpy
2013-04-05 21:36:45 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-04-05 21:36:45 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-04-05 21:36:45 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-04-05 21:36:44 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-04-05 21:36:11 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-04-05 21:35:43 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-04-05 21:31:20 ----D---- C:\Program Files\Common Files\Windows Live
2013-04-05 21:19:58 ----D---- C:\Windows\PixArt
2013-04-05 21:19:06 ----A---- C:\Windows\system32\SP7302.INI
2013-04-05 21:19:06 ----A---- C:\Windows\system32\CoInst.dll
2013-04-05 21:19:05 ----D---- C:\Program Files\Logitech
2013-04-05 21:19:05 ----A---- C:\Windows\AMCap.exe
2013-04-05 18:59:23 ----D---- C:\ProgramData\AVAST Software
2013-04-05 15:47:03 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 15:42:00 ----D---- C:\Program Files\Common Files\ArcSoft
2013-04-05 10:00:09 ----D---- C:\Windows\Webcam2200
2013-03-29 21:12:37 ----D---- C:\Program Files\Common Files\Skype
2013-03-15 13:19:54 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ProfiCAD
======List of files/folders modified in the last 1 months======
2013-04-14 10:13:05 ----D---- C:\Program Files\trend micro
2013-04-14 10:12:33 ----D---- C:\Windows\temp
2013-04-14 10:09:42 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz
2013-04-14 10:09:08 ----D---- C:\Windows\inf
2013-04-14 10:09:08 ----AD---- C:\Windows\System32
2013-04-14 10:09:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-14 10:04:55 ----D---- C:\Windows\system32\config
2013-04-14 10:04:54 ----A---- C:\Windows\VTWAIN.INI
2013-04-14 10:04:19 ----D---- C:\Windows\system32\Tasks
2013-04-13 09:56:27 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2013-04-12 18:02:47 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-12 12:27:41 ----D---- C:\Program Files\Mozilla Firefox
2013-04-12 12:27:14 ----RD---- C:\Program Files
2013-04-12 08:57:31 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-04-11 09:39:45 ----SHD---- C:\Windows\Installer
2013-04-11 09:39:45 ----D---- C:\Config.Msi
2013-04-10 07:24:28 ----D---- C:\Windows\winsxs
2013-04-10 07:21:53 ----D---- C:\Windows\system32\drivers
2013-04-10 07:21:53 ----D---- C:\Program Files\Internet Explorer
2013-04-10 07:21:06 ----D---- C:\Windows\system32\catroot2
2013-04-10 07:21:06 ----D---- C:\Windows\system32\catroot
2013-04-10 07:18:38 ----D---- C:\Windows\debug
2013-04-10 07:18:31 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 07:18:20 ----SHD---- C:\System Volume Information
2013-04-09 16:22:15 ----D---- C:\Windows\Microsoft.NET
2013-04-09 15:14:08 ----RSD---- C:\Windows\Fonts
2013-04-09 15:14:08 ----D---- C:\Windows\system32\wbem
2013-04-09 15:14:08 ----D---- C:\Windows\system32\en-US
2013-04-09 15:14:08 ----D---- C:\Windows\system32\cs-CZ
2013-04-09 15:14:08 ----D---- C:\Windows\PolicyDefinitions
2013-04-09 15:14:07 ----D---- C:\Windows\system32\migration
2013-04-09 15:14:06 ----D---- C:\Windows\system32\DriverStore
2013-04-09 15:11:13 ----D---- C:\Windows\AppPatch
2013-04-09 14:57:13 ----RSD---- C:\Windows\assembly
2013-04-09 14:30:05 ----D---- C:\Windows\Panther
2013-04-09 14:27:24 ----D---- C:\Windows\system32\zh-TW
2013-04-09 14:27:24 ----D---- C:\Windows\system32\zh-HK
2013-04-09 14:27:24 ----D---- C:\Windows\system32\tr-TR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\sv-SE
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pt-PT
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pt-BR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pl-PL
2013-04-09 14:27:24 ----D---- C:\Windows\system32\nl-NL
2013-04-09 14:27:24 ----D---- C:\Windows\system32\ko-KR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\it-IT
2013-04-09 14:27:24 ----D---- C:\Windows\system32\hu-HU
2013-04-09 14:27:24 ----D---- C:\Windows\system32\fr-FR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\fi-FI
2013-04-09 14:27:24 ----D---- C:\Windows\system32\es-ES
2013-04-09 14:27:24 ----D---- C:\Windows\system32\el-GR
2013-04-09 14:27:23 ----D---- C:\Windows\system32\zh-CN
2013-04-09 14:27:23 ----D---- C:\Windows\system32\ru-RU
2013-04-09 14:27:23 ----D---- C:\Windows\system32\nb-NO
2013-04-09 14:27:23 ----D---- C:\Windows\system32\ja-JP
2013-04-09 14:27:23 ----D---- C:\Windows\system32\de-DE
2013-04-09 14:27:23 ----D---- C:\Windows\system32\da-DK
2013-04-09 14:25:47 ----D---- C:\Windows\Logs
2013-04-09 14:18:53 ----D---- C:\Windows
2013-04-09 13:58:56 ----HD---- C:\ProgramData
2013-04-09 13:55:31 ----D---- C:\ProgramData\Adobe
2013-04-09 13:45:54 ----D---- C:\Program Files\Common Files\Adobe
2013-04-09 13:45:53 ----D---- C:\Program Files\Adobe
2013-04-09 11:58:44 ----D---- C:\Windows\system32\NDF
2013-04-07 16:41:41 ----D---- C:\Program Files\Common Files\microsoft shared
2013-04-07 16:41:20 ----SD---- C:\ProgramData\Microsoft
2013-04-05 21:51:37 ----A---- C:\Windows\win.ini
2013-04-05 21:31:20 ----D---- C:\Program Files\Common Files
2013-04-05 21:19:58 ----D---- C:\Windows\twain_32
2013-04-05 21:19:05 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-05 18:19:56 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla
2013-04-05 17:12:15 ----D---- C:\Windows\Tasks
2013-04-05 17:12:15 ----D---- C:\Windows\system32\wfp
2013-04-05 17:11:01 ----D---- C:\Windows\system32\CodeIntegrity
2013-04-05 17:11:00 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\IrfanView
2013-04-05 17:10:53 ----D---- C:\Windows\registration
2013-03-29 21:12:39 ----D---- C:\ProgramData\Skype
2013-03-29 21:12:37 ----RD---- C:\Program Files\Skype
2013-03-22 08:24:33 ----D---- C:\Program Files\Google
2013-03-15 20:41:30 ----D---- C:\Program Files\ProfiCAD
2013-03-15 07:44:59 ----D---- C:\Program Files\Microsoft Silverlight
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zamrznul PC-log
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamrznul PC-log
Blbý můžeš být,ale musíš si umět poradit...
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznul PC-log
Zdravím!
Log není kompletní.
Log není kompletní.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrznul PC-log
Před ukončením logu mi vyskočí táto hláška.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Otakar Vavrečka at 2013-04-14 15:58:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (12%) free of 158 GB
Total RAM: 3066 MB (77% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DriverCure Startup.job
C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension32.dll [2013-02-05 167424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-10 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~1\WIA6EB~1\Datamngr\BROWSE~1.DLL [2011-11-10 101272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-10 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
10
{AF3D7884-B142-414E-943D-75D8D54E1FFF}
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"hppwrsav"=C:\SCANJET\PrecisionScanLT\hppwrsav.exe [1999-06-07 23552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Google Update"=C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 136176]
"cz.seznam.software.autoupdate"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"cz.seznam.software.szndesktop"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]
"Seznam Postak"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe [2012-12-19 323752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files\Seznam.cz\postak.exe -s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-06-03 880528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Update Scheduler for Proteus Professional 7.lnk - C:\Program Files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-04-14 10:13:03 ----D---- C:\rsit
2013-04-10 08:18:21 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 08:17:40 ----D---- C:\Program Files\VideoLAN
2013-04-10 07:20:51 ----A---- C:\Windows\system32\jscript.dll
2013-04-10 07:20:50 ----A---- C:\Windows\system32\jscript9.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\ieui.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\iesetup.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\urlmon.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-10 07:20:48 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\iernonce.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-10 07:20:47 ----A---- C:\Windows\system32\iertutil.dll
2013-04-10 07:20:44 ----A---- C:\Windows\system32\wininet.dll
2013-04-10 07:20:42 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 07:20:39 ----A---- C:\Windows\system32\mshtml.dll
2013-04-10 07:10:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 07:10:14 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-04-10 07:10:12 ----A---- C:\Windows\system32\smss.exe
2013-04-10 07:10:12 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-09 15:12:56 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-04-09 15:12:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-04-09 15:12:54 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\wksprtPS.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-04-09 15:12:48 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\aaclient.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\wksprt.exe
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpudd.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpcorets.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\mstsc.exe
2013-04-09 15:12:46 ----A---- C:\Windows\system32\mstscax.dll
2013-04-09 15:10:19 ----A---- C:\Windows\system32\KernelBase.dll
2013-04-09 15:10:19 ----A---- C:\Windows\system32\conhost.exe
2013-04-09 15:10:18 ----A---- C:\Windows\system32\kernel32.dll
2013-04-09 15:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-04-09 15:10:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-04-09 15:09:51 ----A---- C:\Windows\system32\Wpc.dll
2013-04-09 15:09:51 ----A---- C:\Windows\system32\gameux.dll
2013-04-09 15:09:38 ----A---- C:\Windows\system32\profsvc.dll
2013-04-09 15:09:37 ----A---- C:\Windows\system32\qdvd.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\netcorehc.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\ncsi.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\nlasvc.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\nlaapi.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\netevent.dll
2013-04-09 15:09:24 ----A---- C:\Windows\system32\spoolsv.exe
2013-04-09 15:09:22 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-04-09 15:09:16 ----A---- C:\Windows\system32\msi.dll
2013-04-09 15:09:15 ----A---- C:\Windows\system32\usp10.dll
2013-04-09 15:09:13 ----A---- C:\Windows\system32\srcore.dll
2013-04-09 15:08:00 ----A---- C:\Windows\system32\schannel.dll
2013-04-09 15:07:59 ----A---- C:\Windows\system32\lsasrv.dll
2013-04-09 15:06:22 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-04-09 15:06:22 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-04-09 14:54:33 ----A---- C:\Windows\system32\Wdfres.dll
2013-04-09 14:53:51 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-04-09 14:53:51 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFx.dll
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFHost.exe
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\wextract.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\webcheck.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\vbscript.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\url.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\occache.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msrating.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msls31.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshta.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\inseng.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\imgutil.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iexpress.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iepeers.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\icardie.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\elshyph.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\XpsPrint.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WMPhoto.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\UIAnimation.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\FntCache.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\dxgi.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\DWrite.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d11.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10warp.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10level9.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10core.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10_1.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d2d1.dll
2013-04-09 12:32:51 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 12:32:24 ----A---- C:\Windows\system32\rmoc3260.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\pndx5032.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\pndx5016.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\msvcp71.dll
2013-04-09 12:32:23 ----D---- C:\Program Files\Real Alternative
2013-04-07 21:10:07 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 21:09:54 ----D---- C:\Program Files\iSpy
2013-04-05 21:36:45 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-04-05 21:36:45 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-04-05 21:36:45 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-04-05 21:36:44 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-04-05 21:36:11 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-04-05 21:35:43 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-04-05 21:31:20 ----D---- C:\Program Files\Common Files\Windows Live
2013-04-05 21:19:58 ----D---- C:\Windows\PixArt
2013-04-05 21:19:06 ----A---- C:\Windows\system32\SP7302.INI
2013-04-05 21:19:06 ----A---- C:\Windows\system32\CoInst.dll
2013-04-05 21:19:05 ----D---- C:\Program Files\Logitech
2013-04-05 21:19:05 ----A---- C:\Windows\AMCap.exe
2013-04-05 18:59:23 ----D---- C:\ProgramData\AVAST Software
2013-04-05 15:47:03 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 15:42:00 ----D---- C:\Program Files\Common Files\ArcSoft
2013-04-05 10:00:09 ----D---- C:\Windows\Webcam2200
2013-03-29 21:12:37 ----D---- C:\Program Files\Common Files\Skype
2013-03-15 13:19:54 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ProfiCAD
======List of files/folders modified in the last 1 months======
2013-04-14 15:58:33 ----D---- C:\Program Files\trend micro
2013-04-14 15:58:32 ----D---- C:\Windows\temp
2013-04-14 13:32:19 ----D---- C:\Windows\system32\config
2013-04-14 13:27:36 ----D---- C:\Windows\inf
2013-04-14 13:27:36 ----AD---- C:\Windows\System32
2013-04-14 13:27:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-14 13:26:48 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz
2013-04-14 13:22:09 ----A---- C:\Windows\VTWAIN.INI
2013-04-14 13:21:32 ----D---- C:\Windows\system32\Tasks
2013-04-13 09:56:27 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2013-04-12 18:02:47 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-12 12:27:41 ----D---- C:\Program Files\Mozilla Firefox
2013-04-12 12:27:14 ----RD---- C:\Program Files
2013-04-12 08:57:31 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-04-11 09:39:45 ----SHD---- C:\Windows\Installer
2013-04-11 09:39:45 ----D---- C:\Config.Msi
2013-04-10 07:24:28 ----D---- C:\Windows\winsxs
2013-04-10 07:21:53 ----D---- C:\Windows\system32\drivers
2013-04-10 07:21:53 ----D---- C:\Program Files\Internet Explorer
2013-04-10 07:21:06 ----D---- C:\Windows\system32\catroot2
2013-04-10 07:21:06 ----D---- C:\Windows\system32\catroot
2013-04-10 07:18:38 ----D---- C:\Windows\debug
2013-04-10 07:18:31 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 07:18:20 ----SHD---- C:\System Volume Information
2013-04-09 16:22:15 ----D---- C:\Windows\Microsoft.NET
2013-04-09 15:14:08 ----RSD---- C:\Windows\Fonts
2013-04-09 15:14:08 ----D---- C:\Windows\system32\wbem
2013-04-09 15:14:08 ----D---- C:\Windows\system32\en-US
2013-04-09 15:14:08 ----D---- C:\Windows\system32\cs-CZ
2013-04-09 15:14:08 ----D---- C:\Windows\PolicyDefinitions
2013-04-09 15:14:07 ----D---- C:\Windows\system32\migration
2013-04-09 15:14:06 ----D---- C:\Windows\system32\DriverStore
2013-04-09 15:11:13 ----D---- C:\Windows\AppPatch
2013-04-09 14:57:13 ----RSD---- C:\Windows\assembly
2013-04-09 14:30:05 ----D---- C:\Windows\Panther
2013-04-09 14:27:24 ----D---- C:\Windows\system32\zh-TW
2013-04-09 14:27:24 ----D---- C:\Windows\system32\zh-HK
2013-04-09 14:27:24 ----D---- C:\Windows\system32\tr-TR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\sv-SE
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pt-PT
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pt-BR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pl-PL
2013-04-09 14:27:24 ----D---- C:\Windows\system32\nl-NL
2013-04-09 14:27:24 ----D---- C:\Windows\system32\ko-KR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\it-IT
2013-04-09 14:27:24 ----D---- C:\Windows\system32\hu-HU
2013-04-09 14:27:24 ----D---- C:\Windows\system32\fr-FR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\fi-FI
2013-04-09 14:27:24 ----D---- C:\Windows\system32\es-ES
2013-04-09 14:27:24 ----D---- C:\Windows\system32\el-GR
2013-04-09 14:27:23 ----D---- C:\Windows\system32\zh-CN
2013-04-09 14:27:23 ----D---- C:\Windows\system32\ru-RU
2013-04-09 14:27:23 ----D---- C:\Windows\system32\nb-NO
2013-04-09 14:27:23 ----D---- C:\Windows\system32\ja-JP
2013-04-09 14:27:23 ----D---- C:\Windows\system32\de-DE
2013-04-09 14:27:23 ----D---- C:\Windows\system32\da-DK
2013-04-09 14:25:47 ----D---- C:\Windows\Logs
2013-04-09 14:18:53 ----D---- C:\Windows
2013-04-09 13:58:56 ----HD---- C:\ProgramData
2013-04-09 13:55:31 ----D---- C:\ProgramData\Adobe
2013-04-09 13:45:54 ----D---- C:\Program Files\Common Files\Adobe
2013-04-09 13:45:53 ----D---- C:\Program Files\Adobe
2013-04-09 11:58:44 ----D---- C:\Windows\system32\NDF
2013-04-07 16:41:41 ----D---- C:\Program Files\Common Files\microsoft shared
2013-04-07 16:41:20 ----SD---- C:\ProgramData\Microsoft
2013-04-05 21:51:37 ----A---- C:\Windows\win.ini
2013-04-05 21:31:20 ----D---- C:\Program Files\Common Files
2013-04-05 21:19:58 ----D---- C:\Windows\twain_32
2013-04-05 21:19:05 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-05 18:19:56 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla
2013-04-05 17:12:15 ----D---- C:\Windows\Tasks
2013-04-05 17:12:15 ----D---- C:\Windows\system32\wfp
2013-04-05 17:11:01 ----D---- C:\Windows\system32\CodeIntegrity
2013-04-05 17:11:00 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\IrfanView
2013-04-05 17:10:53 ----D---- C:\Windows\registration
2013-03-29 21:12:39 ----D---- C:\ProgramData\Skype
2013-03-29 21:12:37 ----RD---- C:\Program Files\Skype
2013-03-22 08:24:33 ----D---- C:\Program Files\Google
2013-03-15 20:41:30 ----D---- C:\Program Files\ProfiCAD
2013-03-15 07:44:59 ----D---- C:\Program Files\Microsoft Silverlight
- Výstřižek.PNG (36.85 KiB) Zobrazeno 1096 x
Run by Otakar Vavrečka at 2013-04-14 15:58:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (12%) free of 158 GB
Total RAM: 3066 MB (77% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DriverCure Startup.job
C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension32.dll [2013-02-05 167424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-10 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~1\WIA6EB~1\Datamngr\BROWSE~1.DLL [2011-11-10 101272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-10 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
10
{AF3D7884-B142-414E-943D-75D8D54E1FFF}
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"hppwrsav"=C:\SCANJET\PrecisionScanLT\hppwrsav.exe [1999-06-07 23552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Google Update"=C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 136176]
"cz.seznam.software.autoupdate"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"cz.seznam.software.szndesktop"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]
"Seznam Postak"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe [2012-12-19 323752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files\Seznam.cz\postak.exe -s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-06-03 880528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Update Scheduler for Proteus Professional 7.lnk - C:\Program Files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-04-14 10:13:03 ----D---- C:\rsit
2013-04-10 08:18:21 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 08:17:40 ----D---- C:\Program Files\VideoLAN
2013-04-10 07:20:51 ----A---- C:\Windows\system32\jscript.dll
2013-04-10 07:20:50 ----A---- C:\Windows\system32\jscript9.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\ieui.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\iesetup.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\urlmon.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-10 07:20:48 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\iernonce.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-10 07:20:47 ----A---- C:\Windows\system32\iertutil.dll
2013-04-10 07:20:44 ----A---- C:\Windows\system32\wininet.dll
2013-04-10 07:20:42 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 07:20:39 ----A---- C:\Windows\system32\mshtml.dll
2013-04-10 07:10:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 07:10:14 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-04-10 07:10:12 ----A---- C:\Windows\system32\smss.exe
2013-04-10 07:10:12 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-09 15:12:56 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-04-09 15:12:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-04-09 15:12:54 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\wksprtPS.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-04-09 15:12:48 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\aaclient.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\wksprt.exe
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpudd.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpcorets.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\mstsc.exe
2013-04-09 15:12:46 ----A---- C:\Windows\system32\mstscax.dll
2013-04-09 15:10:19 ----A---- C:\Windows\system32\KernelBase.dll
2013-04-09 15:10:19 ----A---- C:\Windows\system32\conhost.exe
2013-04-09 15:10:18 ----A---- C:\Windows\system32\kernel32.dll
2013-04-09 15:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-04-09 15:10:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-04-09 15:09:51 ----A---- C:\Windows\system32\Wpc.dll
2013-04-09 15:09:51 ----A---- C:\Windows\system32\gameux.dll
2013-04-09 15:09:38 ----A---- C:\Windows\system32\profsvc.dll
2013-04-09 15:09:37 ----A---- C:\Windows\system32\qdvd.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\netcorehc.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\ncsi.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\nlasvc.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\nlaapi.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\netevent.dll
2013-04-09 15:09:24 ----A---- C:\Windows\system32\spoolsv.exe
2013-04-09 15:09:22 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-04-09 15:09:16 ----A---- C:\Windows\system32\msi.dll
2013-04-09 15:09:15 ----A---- C:\Windows\system32\usp10.dll
2013-04-09 15:09:13 ----A---- C:\Windows\system32\srcore.dll
2013-04-09 15:08:00 ----A---- C:\Windows\system32\schannel.dll
2013-04-09 15:07:59 ----A---- C:\Windows\system32\lsasrv.dll
2013-04-09 15:06:22 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-04-09 15:06:22 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-04-09 14:54:33 ----A---- C:\Windows\system32\Wdfres.dll
2013-04-09 14:53:51 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-04-09 14:53:51 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFx.dll
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFHost.exe
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\wextract.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\webcheck.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\vbscript.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\url.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\occache.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msrating.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msls31.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshta.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\inseng.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\imgutil.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iexpress.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iepeers.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\icardie.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\elshyph.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\XpsPrint.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WMPhoto.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\UIAnimation.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\FntCache.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\dxgi.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\DWrite.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d11.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10warp.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10level9.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10core.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10_1.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d2d1.dll
2013-04-09 12:32:51 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 12:32:24 ----A---- C:\Windows\system32\rmoc3260.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\pndx5032.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\pndx5016.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\msvcp71.dll
2013-04-09 12:32:23 ----D---- C:\Program Files\Real Alternative
2013-04-07 21:10:07 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 21:09:54 ----D---- C:\Program Files\iSpy
2013-04-05 21:36:45 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-04-05 21:36:45 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-04-05 21:36:45 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-04-05 21:36:44 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-04-05 21:36:11 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-04-05 21:35:43 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-04-05 21:31:20 ----D---- C:\Program Files\Common Files\Windows Live
2013-04-05 21:19:58 ----D---- C:\Windows\PixArt
2013-04-05 21:19:06 ----A---- C:\Windows\system32\SP7302.INI
2013-04-05 21:19:06 ----A---- C:\Windows\system32\CoInst.dll
2013-04-05 21:19:05 ----D---- C:\Program Files\Logitech
2013-04-05 21:19:05 ----A---- C:\Windows\AMCap.exe
2013-04-05 18:59:23 ----D---- C:\ProgramData\AVAST Software
2013-04-05 15:47:03 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 15:42:00 ----D---- C:\Program Files\Common Files\ArcSoft
2013-04-05 10:00:09 ----D---- C:\Windows\Webcam2200
2013-03-29 21:12:37 ----D---- C:\Program Files\Common Files\Skype
2013-03-15 13:19:54 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ProfiCAD
======List of files/folders modified in the last 1 months======
2013-04-14 15:58:33 ----D---- C:\Program Files\trend micro
2013-04-14 15:58:32 ----D---- C:\Windows\temp
2013-04-14 13:32:19 ----D---- C:\Windows\system32\config
2013-04-14 13:27:36 ----D---- C:\Windows\inf
2013-04-14 13:27:36 ----AD---- C:\Windows\System32
2013-04-14 13:27:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-14 13:26:48 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz
2013-04-14 13:22:09 ----A---- C:\Windows\VTWAIN.INI
2013-04-14 13:21:32 ----D---- C:\Windows\system32\Tasks
2013-04-13 09:56:27 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2013-04-12 18:02:47 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-12 12:27:41 ----D---- C:\Program Files\Mozilla Firefox
2013-04-12 12:27:14 ----RD---- C:\Program Files
2013-04-12 08:57:31 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-04-11 09:39:45 ----SHD---- C:\Windows\Installer
2013-04-11 09:39:45 ----D---- C:\Config.Msi
2013-04-10 07:24:28 ----D---- C:\Windows\winsxs
2013-04-10 07:21:53 ----D---- C:\Windows\system32\drivers
2013-04-10 07:21:53 ----D---- C:\Program Files\Internet Explorer
2013-04-10 07:21:06 ----D---- C:\Windows\system32\catroot2
2013-04-10 07:21:06 ----D---- C:\Windows\system32\catroot
2013-04-10 07:18:38 ----D---- C:\Windows\debug
2013-04-10 07:18:31 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 07:18:20 ----SHD---- C:\System Volume Information
2013-04-09 16:22:15 ----D---- C:\Windows\Microsoft.NET
2013-04-09 15:14:08 ----RSD---- C:\Windows\Fonts
2013-04-09 15:14:08 ----D---- C:\Windows\system32\wbem
2013-04-09 15:14:08 ----D---- C:\Windows\system32\en-US
2013-04-09 15:14:08 ----D---- C:\Windows\system32\cs-CZ
2013-04-09 15:14:08 ----D---- C:\Windows\PolicyDefinitions
2013-04-09 15:14:07 ----D---- C:\Windows\system32\migration
2013-04-09 15:14:06 ----D---- C:\Windows\system32\DriverStore
2013-04-09 15:11:13 ----D---- C:\Windows\AppPatch
2013-04-09 14:57:13 ----RSD---- C:\Windows\assembly
2013-04-09 14:30:05 ----D---- C:\Windows\Panther
2013-04-09 14:27:24 ----D---- C:\Windows\system32\zh-TW
2013-04-09 14:27:24 ----D---- C:\Windows\system32\zh-HK
2013-04-09 14:27:24 ----D---- C:\Windows\system32\tr-TR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\sv-SE
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pt-PT
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pt-BR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pl-PL
2013-04-09 14:27:24 ----D---- C:\Windows\system32\nl-NL
2013-04-09 14:27:24 ----D---- C:\Windows\system32\ko-KR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\it-IT
2013-04-09 14:27:24 ----D---- C:\Windows\system32\hu-HU
2013-04-09 14:27:24 ----D---- C:\Windows\system32\fr-FR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\fi-FI
2013-04-09 14:27:24 ----D---- C:\Windows\system32\es-ES
2013-04-09 14:27:24 ----D---- C:\Windows\system32\el-GR
2013-04-09 14:27:23 ----D---- C:\Windows\system32\zh-CN
2013-04-09 14:27:23 ----D---- C:\Windows\system32\ru-RU
2013-04-09 14:27:23 ----D---- C:\Windows\system32\nb-NO
2013-04-09 14:27:23 ----D---- C:\Windows\system32\ja-JP
2013-04-09 14:27:23 ----D---- C:\Windows\system32\de-DE
2013-04-09 14:27:23 ----D---- C:\Windows\system32\da-DK
2013-04-09 14:25:47 ----D---- C:\Windows\Logs
2013-04-09 14:18:53 ----D---- C:\Windows
2013-04-09 13:58:56 ----HD---- C:\ProgramData
2013-04-09 13:55:31 ----D---- C:\ProgramData\Adobe
2013-04-09 13:45:54 ----D---- C:\Program Files\Common Files\Adobe
2013-04-09 13:45:53 ----D---- C:\Program Files\Adobe
2013-04-09 11:58:44 ----D---- C:\Windows\system32\NDF
2013-04-07 16:41:41 ----D---- C:\Program Files\Common Files\microsoft shared
2013-04-07 16:41:20 ----SD---- C:\ProgramData\Microsoft
2013-04-05 21:51:37 ----A---- C:\Windows\win.ini
2013-04-05 21:31:20 ----D---- C:\Program Files\Common Files
2013-04-05 21:19:58 ----D---- C:\Windows\twain_32
2013-04-05 21:19:05 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-05 18:19:56 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla
2013-04-05 17:12:15 ----D---- C:\Windows\Tasks
2013-04-05 17:12:15 ----D---- C:\Windows\system32\wfp
2013-04-05 17:11:01 ----D---- C:\Windows\system32\CodeIntegrity
2013-04-05 17:11:00 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\IrfanView
2013-04-05 17:10:53 ----D---- C:\Windows\registration
2013-03-29 21:12:39 ----D---- C:\ProgramData\Skype
2013-03-29 21:12:37 ----RD---- C:\Program Files\Skype
2013-03-22 08:24:33 ----D---- C:\Program Files\Google
2013-03-15 20:41:30 ----D---- C:\Program Files\ProfiCAD
2013-03-15 07:44:59 ----D---- C:\Program Files\Microsoft Silverlight
Blbý můžeš být,ale musíš si umět poradit...
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznul PC-log
Spusťte RSIT jako správce.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrznul PC-log
Právě že takto jej spouštím a přezto pokaždé mi vyskočí táto tabulka, blokne se to a je konec.
Blbý můžeš být,ale musíš si umět poradit...
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznul PC-log
Zkuste to v nouz. režimu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrznul PC-log
V nouzovém režímu je to to samé.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Otakar Vavrečka at 2013-04-14 20:32:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (12%) free of 158 GB
Total RAM: 3066 MB (73% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DriverCure Startup.job
C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension32.dll [2013-02-05 167424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-10 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~1\WIA6EB~1\Datamngr\BROWSE~1.DLL [2011-11-10 101272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-10 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
10
{AF3D7884-B142-414E-943D-75D8D54E1FFF}
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"hppwrsav"=C:\SCANJET\PrecisionScanLT\hppwrsav.exe [1999-06-07 23552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Google Update"=C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 136176]
"cz.seznam.software.autoupdate"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"cz.seznam.software.szndesktop"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]
"Seznam Postak"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe [2012-12-19 323752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files\Seznam.cz\postak.exe -s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-06-03 880528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Update Scheduler for Proteus Professional 7.lnk - C:\Program Files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-04-14 20:29:54 ----A---- C:\Windows\ntbtlog.txt
2013-04-14 10:13:03 ----D---- C:\rsit
2013-04-10 08:18:21 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 08:17:40 ----D---- C:\Program Files\VideoLAN
2013-04-10 07:20:51 ----A---- C:\Windows\system32\jscript.dll
2013-04-10 07:20:50 ----A---- C:\Windows\system32\jscript9.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\ieui.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\iesetup.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\urlmon.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-10 07:20:48 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\iernonce.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-10 07:20:47 ----A---- C:\Windows\system32\iertutil.dll
2013-04-10 07:20:44 ----A---- C:\Windows\system32\wininet.dll
2013-04-10 07:20:42 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 07:20:39 ----A---- C:\Windows\system32\mshtml.dll
2013-04-10 07:10:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 07:10:14 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-04-10 07:10:12 ----A---- C:\Windows\system32\smss.exe
2013-04-10 07:10:12 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-09 15:12:56 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-04-09 15:12:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-04-09 15:12:54 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\wksprtPS.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-04-09 15:12:48 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\aaclient.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\wksprt.exe
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpudd.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpcorets.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\mstsc.exe
2013-04-09 15:12:46 ----A---- C:\Windows\system32\mstscax.dll
2013-04-09 15:10:19 ----A---- C:\Windows\system32\KernelBase.dll
2013-04-09 15:10:19 ----A---- C:\Windows\system32\conhost.exe
2013-04-09 15:10:18 ----A---- C:\Windows\system32\kernel32.dll
2013-04-09 15:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-04-09 15:10:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-04-09 15:09:51 ----A---- C:\Windows\system32\Wpc.dll
2013-04-09 15:09:51 ----A---- C:\Windows\system32\gameux.dll
2013-04-09 15:09:38 ----A---- C:\Windows\system32\profsvc.dll
2013-04-09 15:09:37 ----A---- C:\Windows\system32\qdvd.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\netcorehc.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\ncsi.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\nlasvc.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\nlaapi.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\netevent.dll
2013-04-09 15:09:24 ----A---- C:\Windows\system32\spoolsv.exe
2013-04-09 15:09:22 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-04-09 15:09:16 ----A---- C:\Windows\system32\msi.dll
2013-04-09 15:09:15 ----A---- C:\Windows\system32\usp10.dll
2013-04-09 15:09:13 ----A---- C:\Windows\system32\srcore.dll
2013-04-09 15:08:00 ----A---- C:\Windows\system32\schannel.dll
2013-04-09 15:07:59 ----A---- C:\Windows\system32\lsasrv.dll
2013-04-09 15:06:22 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-04-09 15:06:22 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-04-09 14:54:33 ----A---- C:\Windows\system32\Wdfres.dll
2013-04-09 14:53:51 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-04-09 14:53:51 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFx.dll
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFHost.exe
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\wextract.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\webcheck.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\vbscript.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\url.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\occache.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msrating.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msls31.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshta.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\inseng.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\imgutil.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iexpress.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iepeers.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\icardie.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\elshyph.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\XpsPrint.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WMPhoto.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\UIAnimation.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\FntCache.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\dxgi.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\DWrite.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d11.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10warp.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10level9.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10core.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10_1.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d2d1.dll
2013-04-09 12:32:51 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 12:32:24 ----A---- C:\Windows\system32\rmoc3260.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\pndx5032.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\pndx5016.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\msvcp71.dll
2013-04-09 12:32:23 ----D---- C:\Program Files\Real Alternative
2013-04-07 21:10:07 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 21:09:54 ----D---- C:\Program Files\iSpy
2013-04-05 21:36:45 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-04-05 21:36:45 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-04-05 21:36:45 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-04-05 21:36:44 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-04-05 21:36:11 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-04-05 21:35:43 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-04-05 21:31:20 ----D---- C:\Program Files\Common Files\Windows Live
2013-04-05 21:19:58 ----D---- C:\Windows\PixArt
2013-04-05 21:19:06 ----A---- C:\Windows\system32\SP7302.INI
2013-04-05 21:19:06 ----A---- C:\Windows\system32\CoInst.dll
2013-04-05 21:19:05 ----D---- C:\Program Files\Logitech
2013-04-05 21:19:05 ----A---- C:\Windows\AMCap.exe
2013-04-05 18:59:23 ----D---- C:\ProgramData\AVAST Software
2013-04-05 15:47:03 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 15:42:00 ----D---- C:\Program Files\Common Files\ArcSoft
2013-04-05 10:00:09 ----D---- C:\Windows\Webcam2200
2013-03-29 21:12:37 ----D---- C:\Program Files\Common Files\Skype
2013-03-15 13:19:54 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ProfiCAD
======List of files/folders modified in the last 1 months======
2013-04-14 20:32:22 ----D---- C:\Program Files\trend micro
2013-04-14 20:29:54 ----D---- C:\Windows
2013-04-14 20:29:13 ----D---- C:\Windows\system32\Tasks
2013-04-14 20:29:07 ----A---- C:\Windows\VTWAIN.INI
2013-04-14 20:26:49 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz
2013-04-14 20:26:47 ----D---- C:\Windows\temp
2013-04-14 20:26:29 ----AD---- C:\Windows\System32
2013-04-14 20:26:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-14 20:26:28 ----D---- C:\Windows\inf
2013-04-14 20:22:09 ----D---- C:\Windows\system32\config
2013-04-14 19:15:38 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2013-04-14 17:20:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-04-12 18:02:47 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-12 12:27:41 ----D---- C:\Program Files\Mozilla Firefox
2013-04-12 12:27:14 ----RD---- C:\Program Files
2013-04-11 09:39:45 ----SHD---- C:\Windows\Installer
2013-04-11 09:39:45 ----D---- C:\Config.Msi
2013-04-10 07:24:28 ----D---- C:\Windows\winsxs
2013-04-10 07:21:53 ----D---- C:\Windows\system32\drivers
2013-04-10 07:21:53 ----D---- C:\Program Files\Internet Explorer
2013-04-10 07:21:06 ----D---- C:\Windows\system32\catroot2
2013-04-10 07:21:06 ----D---- C:\Windows\system32\catroot
2013-04-10 07:18:38 ----D---- C:\Windows\debug
2013-04-10 07:18:31 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 07:18:20 ----SHD---- C:\System Volume Information
2013-04-09 16:22:15 ----D---- C:\Windows\Microsoft.NET
2013-04-09 15:14:08 ----RSD---- C:\Windows\Fonts
2013-04-09 15:14:08 ----D---- C:\Windows\system32\wbem
2013-04-09 15:14:08 ----D---- C:\Windows\system32\en-US
2013-04-09 15:14:08 ----D---- C:\Windows\system32\cs-CZ
2013-04-09 15:14:08 ----D---- C:\Windows\PolicyDefinitions
2013-04-09 15:14:07 ----D---- C:\Windows\system32\migration
2013-04-09 15:14:06 ----D---- C:\Windows\system32\DriverStore
2013-04-09 15:11:13 ----D---- C:\Windows\AppPatch
2013-04-09 14:57:13 ----RSD---- C:\Windows\assembly
2013-04-09 14:30:05 ----D---- C:\Windows\Panther
2013-04-09 14:27:24 ----D---- C:\Windows\system32\zh-TW
2013-04-09 14:27:24 ----D---- C:\Windows\system32\zh-HK
2013-04-09 14:27:24 ----D---- C:\Windows\system32\tr-TR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\sv-SE
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pt-PT
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pt-BR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pl-PL
2013-04-09 14:27:24 ----D---- C:\Windows\system32\nl-NL
2013-04-09 14:27:24 ----D---- C:\Windows\system32\ko-KR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\it-IT
2013-04-09 14:27:24 ----D---- C:\Windows\system32\hu-HU
2013-04-09 14:27:24 ----D---- C:\Windows\system32\fr-FR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\fi-FI
2013-04-09 14:27:24 ----D---- C:\Windows\system32\es-ES
2013-04-09 14:27:24 ----D---- C:\Windows\system32\el-GR
2013-04-09 14:27:23 ----D---- C:\Windows\system32\zh-CN
2013-04-09 14:27:23 ----D---- C:\Windows\system32\ru-RU
2013-04-09 14:27:23 ----D---- C:\Windows\system32\nb-NO
2013-04-09 14:27:23 ----D---- C:\Windows\system32\ja-JP
2013-04-09 14:27:23 ----D---- C:\Windows\system32\de-DE
2013-04-09 14:27:23 ----D---- C:\Windows\system32\da-DK
2013-04-09 14:25:47 ----D---- C:\Windows\Logs
2013-04-09 13:58:56 ----HD---- C:\ProgramData
2013-04-09 13:55:31 ----D---- C:\ProgramData\Adobe
2013-04-09 13:45:54 ----D---- C:\Program Files\Common Files\Adobe
2013-04-09 13:45:53 ----D---- C:\Program Files\Adobe
2013-04-09 11:58:44 ----D---- C:\Windows\system32\NDF
2013-04-07 16:41:41 ----D---- C:\Program Files\Common Files\microsoft shared
2013-04-07 16:41:20 ----SD---- C:\ProgramData\Microsoft
2013-04-05 21:51:37 ----A---- C:\Windows\win.ini
2013-04-05 21:31:20 ----D---- C:\Program Files\Common Files
2013-04-05 21:19:58 ----D---- C:\Windows\twain_32
2013-04-05 21:19:05 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-05 18:19:56 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla
2013-04-05 17:12:15 ----D---- C:\Windows\Tasks
2013-04-05 17:12:15 ----D---- C:\Windows\system32\wfp
2013-04-05 17:11:01 ----D---- C:\Windows\system32\CodeIntegrity
2013-04-05 17:11:00 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\IrfanView
2013-04-05 17:10:53 ----D---- C:\Windows\registration
2013-03-29 21:12:39 ----D---- C:\ProgramData\Skype
2013-03-29 21:12:37 ----RD---- C:\Program Files\Skype
2013-03-22 08:24:33 ----D---- C:\Program Files\Google
2013-03-15 20:41:30 ----D---- C:\Program Files\ProfiCAD
2013-03-15 07:44:59 ----D---- C:\Program Files\Microsoft Silverlight
Logfile of random's system information tool 1.06 (written by random/random)
Run by Otakar Vavrečka at 2013-04-14 20:32:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (12%) free of 158 GB
Total RAM: 3066 MB (73% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DriverCure Startup.job
C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension32.dll [2013-02-05 167424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-10 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~1\WIA6EB~1\Datamngr\BROWSE~1.DLL [2011-11-10 101272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-10 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
10
{AF3D7884-B142-414E-943D-75D8D54E1FFF}
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"hppwrsav"=C:\SCANJET\PrecisionScanLT\hppwrsav.exe [1999-06-07 23552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Google Update"=C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 136176]
"cz.seznam.software.autoupdate"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"cz.seznam.software.szndesktop"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]
"Seznam Postak"=C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe [2012-12-19 323752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files\Seznam.cz\postak.exe -s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-06-03 880528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Update Scheduler for Proteus Professional 7.lnk - C:\Program Files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-04-14 20:29:54 ----A---- C:\Windows\ntbtlog.txt
2013-04-14 10:13:03 ----D---- C:\rsit
2013-04-10 08:18:21 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 08:17:40 ----D---- C:\Program Files\VideoLAN
2013-04-10 07:20:51 ----A---- C:\Windows\system32\jscript.dll
2013-04-10 07:20:50 ----A---- C:\Windows\system32\jscript9.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\ieui.dll
2013-04-10 07:20:49 ----A---- C:\Windows\system32\iesetup.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\urlmon.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-10 07:20:48 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\iernonce.dll
2013-04-10 07:20:48 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-10 07:20:47 ----A---- C:\Windows\system32\iertutil.dll
2013-04-10 07:20:44 ----A---- C:\Windows\system32\wininet.dll
2013-04-10 07:20:42 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 07:20:39 ----A---- C:\Windows\system32\mshtml.dll
2013-04-10 07:10:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 07:10:14 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-04-10 07:10:12 ----A---- C:\Windows\system32\smss.exe
2013-04-10 07:10:12 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-09 15:12:56 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-04-09 15:12:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-04-09 15:12:54 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\wksprtPS.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-04-09 15:12:48 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-04-09 15:12:48 ----A---- C:\Windows\system32\aaclient.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\wksprt.exe
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpudd.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\rdpcorets.dll
2013-04-09 15:12:47 ----A---- C:\Windows\system32\mstsc.exe
2013-04-09 15:12:46 ----A---- C:\Windows\system32\mstscax.dll
2013-04-09 15:10:19 ----A---- C:\Windows\system32\KernelBase.dll
2013-04-09 15:10:19 ----A---- C:\Windows\system32\conhost.exe
2013-04-09 15:10:18 ----A---- C:\Windows\system32\kernel32.dll
2013-04-09 15:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-04-09 15:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-04-09 15:10:15 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-04-09 15:10:14 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-04-09 15:10:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-04-09 15:09:51 ----A---- C:\Windows\system32\Wpc.dll
2013-04-09 15:09:51 ----A---- C:\Windows\system32\gameux.dll
2013-04-09 15:09:38 ----A---- C:\Windows\system32\profsvc.dll
2013-04-09 15:09:37 ----A---- C:\Windows\system32\qdvd.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\netcorehc.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\ncsi.dll
2013-04-09 15:09:29 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\nlasvc.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\nlaapi.dll
2013-04-09 15:09:28 ----A---- C:\Windows\system32\netevent.dll
2013-04-09 15:09:24 ----A---- C:\Windows\system32\spoolsv.exe
2013-04-09 15:09:22 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-04-09 15:09:16 ----A---- C:\Windows\system32\msi.dll
2013-04-09 15:09:15 ----A---- C:\Windows\system32\usp10.dll
2013-04-09 15:09:13 ----A---- C:\Windows\system32\srcore.dll
2013-04-09 15:08:00 ----A---- C:\Windows\system32\schannel.dll
2013-04-09 15:07:59 ----A---- C:\Windows\system32\lsasrv.dll
2013-04-09 15:06:22 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-04-09 15:06:22 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-04-09 14:54:33 ----A---- C:\Windows\system32\Wdfres.dll
2013-04-09 14:53:51 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-04-09 14:53:51 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFx.dll
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFHost.exe
2013-04-09 14:53:49 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\wextract.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\webcheck.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\vbscript.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\url.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\occache.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msrating.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msls31.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\mshta.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\inseng.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\imgutil.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iexpress.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iepeers.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\icardie.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\elshyph.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-09 14:22:40 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-09 14:21:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\XpsPrint.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WMPhoto.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\UIAnimation.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\FntCache.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\dxgi.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\DWrite.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d11.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10warp.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10level9.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10core.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10_1.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d3d10.dll
2013-04-09 14:21:20 ----A---- C:\Windows\system32\d2d1.dll
2013-04-09 12:32:51 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 12:32:24 ----A---- C:\Windows\system32\rmoc3260.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\pndx5032.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\pndx5016.dll
2013-04-09 12:32:24 ----A---- C:\Windows\system32\msvcp71.dll
2013-04-09 12:32:23 ----D---- C:\Program Files\Real Alternative
2013-04-07 21:10:07 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 21:09:54 ----D---- C:\Program Files\iSpy
2013-04-05 21:36:45 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-04-05 21:36:45 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-04-05 21:36:45 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-04-05 21:36:44 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-04-05 21:36:11 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-04-05 21:35:43 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-04-05 21:31:20 ----D---- C:\Program Files\Common Files\Windows Live
2013-04-05 21:19:58 ----D---- C:\Windows\PixArt
2013-04-05 21:19:06 ----A---- C:\Windows\system32\SP7302.INI
2013-04-05 21:19:06 ----A---- C:\Windows\system32\CoInst.dll
2013-04-05 21:19:05 ----D---- C:\Program Files\Logitech
2013-04-05 21:19:05 ----A---- C:\Windows\AMCap.exe
2013-04-05 18:59:23 ----D---- C:\ProgramData\AVAST Software
2013-04-05 15:47:03 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 15:42:00 ----D---- C:\Program Files\Common Files\ArcSoft
2013-04-05 10:00:09 ----D---- C:\Windows\Webcam2200
2013-03-29 21:12:37 ----D---- C:\Program Files\Common Files\Skype
2013-03-15 13:19:54 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ProfiCAD
======List of files/folders modified in the last 1 months======
2013-04-14 20:32:22 ----D---- C:\Program Files\trend micro
2013-04-14 20:29:54 ----D---- C:\Windows
2013-04-14 20:29:13 ----D---- C:\Windows\system32\Tasks
2013-04-14 20:29:07 ----A---- C:\Windows\VTWAIN.INI
2013-04-14 20:26:49 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Seznam.cz
2013-04-14 20:26:47 ----D---- C:\Windows\temp
2013-04-14 20:26:29 ----AD---- C:\Windows\System32
2013-04-14 20:26:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-14 20:26:28 ----D---- C:\Windows\inf
2013-04-14 20:22:09 ----D---- C:\Windows\system32\config
2013-04-14 19:15:38 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2013-04-14 17:20:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-04-12 18:02:47 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-12 12:27:41 ----D---- C:\Program Files\Mozilla Firefox
2013-04-12 12:27:14 ----RD---- C:\Program Files
2013-04-11 09:39:45 ----SHD---- C:\Windows\Installer
2013-04-11 09:39:45 ----D---- C:\Config.Msi
2013-04-10 07:24:28 ----D---- C:\Windows\winsxs
2013-04-10 07:21:53 ----D---- C:\Windows\system32\drivers
2013-04-10 07:21:53 ----D---- C:\Program Files\Internet Explorer
2013-04-10 07:21:06 ----D---- C:\Windows\system32\catroot2
2013-04-10 07:21:06 ----D---- C:\Windows\system32\catroot
2013-04-10 07:18:38 ----D---- C:\Windows\debug
2013-04-10 07:18:31 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 07:18:20 ----SHD---- C:\System Volume Information
2013-04-09 16:22:15 ----D---- C:\Windows\Microsoft.NET
2013-04-09 15:14:08 ----RSD---- C:\Windows\Fonts
2013-04-09 15:14:08 ----D---- C:\Windows\system32\wbem
2013-04-09 15:14:08 ----D---- C:\Windows\system32\en-US
2013-04-09 15:14:08 ----D---- C:\Windows\system32\cs-CZ
2013-04-09 15:14:08 ----D---- C:\Windows\PolicyDefinitions
2013-04-09 15:14:07 ----D---- C:\Windows\system32\migration
2013-04-09 15:14:06 ----D---- C:\Windows\system32\DriverStore
2013-04-09 15:11:13 ----D---- C:\Windows\AppPatch
2013-04-09 14:57:13 ----RSD---- C:\Windows\assembly
2013-04-09 14:30:05 ----D---- C:\Windows\Panther
2013-04-09 14:27:24 ----D---- C:\Windows\system32\zh-TW
2013-04-09 14:27:24 ----D---- C:\Windows\system32\zh-HK
2013-04-09 14:27:24 ----D---- C:\Windows\system32\tr-TR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\sv-SE
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pt-PT
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pt-BR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\pl-PL
2013-04-09 14:27:24 ----D---- C:\Windows\system32\nl-NL
2013-04-09 14:27:24 ----D---- C:\Windows\system32\ko-KR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\it-IT
2013-04-09 14:27:24 ----D---- C:\Windows\system32\hu-HU
2013-04-09 14:27:24 ----D---- C:\Windows\system32\fr-FR
2013-04-09 14:27:24 ----D---- C:\Windows\system32\fi-FI
2013-04-09 14:27:24 ----D---- C:\Windows\system32\es-ES
2013-04-09 14:27:24 ----D---- C:\Windows\system32\el-GR
2013-04-09 14:27:23 ----D---- C:\Windows\system32\zh-CN
2013-04-09 14:27:23 ----D---- C:\Windows\system32\ru-RU
2013-04-09 14:27:23 ----D---- C:\Windows\system32\nb-NO
2013-04-09 14:27:23 ----D---- C:\Windows\system32\ja-JP
2013-04-09 14:27:23 ----D---- C:\Windows\system32\de-DE
2013-04-09 14:27:23 ----D---- C:\Windows\system32\da-DK
2013-04-09 14:25:47 ----D---- C:\Windows\Logs
2013-04-09 13:58:56 ----HD---- C:\ProgramData
2013-04-09 13:55:31 ----D---- C:\ProgramData\Adobe
2013-04-09 13:45:54 ----D---- C:\Program Files\Common Files\Adobe
2013-04-09 13:45:53 ----D---- C:\Program Files\Adobe
2013-04-09 11:58:44 ----D---- C:\Windows\system32\NDF
2013-04-07 16:41:41 ----D---- C:\Program Files\Common Files\microsoft shared
2013-04-07 16:41:20 ----SD---- C:\ProgramData\Microsoft
2013-04-05 21:51:37 ----A---- C:\Windows\win.ini
2013-04-05 21:31:20 ----D---- C:\Program Files\Common Files
2013-04-05 21:19:58 ----D---- C:\Windows\twain_32
2013-04-05 21:19:05 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-05 18:19:56 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla
2013-04-05 17:12:15 ----D---- C:\Windows\Tasks
2013-04-05 17:12:15 ----D---- C:\Windows\system32\wfp
2013-04-05 17:11:01 ----D---- C:\Windows\system32\CodeIntegrity
2013-04-05 17:11:00 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\IrfanView
2013-04-05 17:10:53 ----D---- C:\Windows\registration
2013-03-29 21:12:39 ----D---- C:\ProgramData\Skype
2013-03-29 21:12:37 ----RD---- C:\Program Files\Skype
2013-03-22 08:24:33 ----D---- C:\Program Files\Google
2013-03-15 20:41:30 ----D---- C:\Program Files\ProfiCAD
2013-03-15 07:44:59 ----D---- C:\Program Files\Microsoft Silverlight
Blbý můžeš být,ale musíš si umět poradit...
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznul PC-log
Dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrznul PC-log
Postupoval jsem podle Vaších instrukcí, stáhnul jsem ComboFix, vypnul jsem rezidentní štíty do restartu PC, spustil jsem ComboFix pod správcem a čekal jsem. ComboFix pracoval bezchybně až do bodu kdy se objevil nápis-"Mažu složky: C:\Program Files\Windows Searchqu Toolbar", pak se zasekl (Před tím ještě z plochy zmizly všechny ikony a zůstal jen obrázek pozadí), výkon procesoru šel na nějakých 60%. Po asi 45minutách se PC uvedl podle nastavení do režimu spánku. Opět jsem jej spustil, ale nic se dále nedělo, tak jsem PC spustil v nouzovém režímu a vrátil do bodu obnovy před instalací ComboFixu.
Blbý můžeš být,ale musíš si umět poradit...
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznul PC-log
Zkuste CF spustit v nouz. režimu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrznul PC-log
Zde je log z Combofixu v nouzovém režímu.
ComboFix 13-04-14.01 - Otakar Vavrečka 15.04.2013 18:39:18.1.2 - x86 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3066.2627 [GMT 2:00]
Spuštěný z: c:\users\Otakar Vavrečka\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
ADS - system32: deleted 12 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IMPI\ExTEnsion32.dll
c:\program files\Windows Searchqu Toolbar
c:\program files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\datamngr.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe
c:\program files\Windows Searchqu Toolbar\del_DataMngrHlpFF3_57.dll
c:\program files\Windows Searchqu Toolbar\del_DM_DLL_54.dll
c:\program files\Windows Searchqu Toolbar\del_DM_EXE_31.dll
c:\program files\Windows Searchqu Toolbar\del_IEBHO_36.dll
c:\program files\Windows Searchqu Toolbar\sysid.ini
c:\program files\Windows Searchqu Toolbar\uninstall.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\ijl11.dll
c:\windows\system32\roboot.exe
c:\windows\system32\vbpng1.dll
.
---- Předchozí spuštění -------
.
c:\program files\IMPI\ExTEnsion32.dll
c:\program files\Windows Searchqu Toolbar
c:\program files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\datamngr.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe
c:\program files\Windows Searchqu Toolbar\del_DataMngrHlpFF3_57.dll
c:\program files\Windows Searchqu Toolbar\del_DM_DLL_54.dll
c:\program files\Windows Searchqu Toolbar\del_DM_EXE_31.dll
c:\program files\Windows Searchqu Toolbar\del_IEBHO_36.dll
c:\program files\Windows Searchqu Toolbar\sysid.ini
c:\program files\Windows Searchqu Toolbar\uninstall.exe
c:\users\Otakar Vavrečka\AppData\Local\Temp\rad5B813.tmp\bin\x86\sharpwrapi_Win32.dll
c:\users\Otakar Vavrečka\AppData\Local\temp\rad682F1.tmp\bin\Gadget.Interop.dll
c:\users\OTAKAR~1\AppData\Local\Temp\rad5B813.tmp\bin\x86\sharpwrapi_Win32.dll
c:\users\OTAKAR~1\AppData\Local\Temp\rad682F1.tmp\bin\Gadget.Interop.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\ijl11.dll
c:\windows\system32\roboot.exe
c:\windows\system32\vbpng1.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-15 do 2013-04-15 )))))))))))))))))))))))))))))))
.
.
2013-04-15 16:44 . 2013-04-15 16:45 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\temp
2013-04-15 16:44 . 2013-04-15 16:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-15 16:44 . 2013-04-15 16:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-15 07:48 . 2013-04-15 07:48 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\offreg.dll
2013-04-14 08:13 . 2013-04-14 18:39 -------- d-----w- C:\rsit
2013-04-12 10:27 . 2013-04-12 10:27 26520 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-04-12 06:25 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\mpengine.dll
2013-04-10 06:18 . 2013-04-14 09:02 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 06:17 . 2013-04-10 06:17 -------- d-----w- c:\program files\VideoLAN
2013-04-10 05:17 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 05:10 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 05:10 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 05:10 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 05:10 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 05:10 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 05:09 . 2013-03-02 05:07 1212264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-09 13:10 . 2012-11-30 04:47 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-04-09 13:09 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-04-09 13:08 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-04-09 13:08 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-04-09 13:07 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-04-09 13:07 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-04-09 13:06 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-04-09 13:06 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-04-09 12:54 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-09 12:54 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-09 12:54 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-09 12:53 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-09 12:53 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-09 12:53 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-09 12:53 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-09 12:53 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-09 12:53 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-09 12:53 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-09 12:21 . 2013-04-09 12:21 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 10:32 . 2013-04-09 10:33 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 10:32 . 2010-02-15 18:00 94208 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2013-04-09 10:32 . 2010-02-15 18:00 140864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-04-09 10:32 . 2003-03-19 03:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-04-09 10:32 . 2013-04-09 10:32 -------- d-----w- c:\program files\Real Alternative
2013-04-07 19:10 . 2013-04-08 05:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 19:09 . 2013-04-07 19:09 -------- d-----w- c:\program files\iSpy
2013-04-05 19:36 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-04-05 19:36 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2013-04-05 19:36 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2013-04-05 19:36 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2013-04-05 19:36 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-04-05 19:35 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-04-05 19:34 . 2013-04-07 14:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\Windows Live
2013-04-05 19:31 . 2013-04-05 19:31 -------- d-----w- c:\program files\Common Files\Windows Live
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\windows\PixArt
2013-04-05 19:19 . 2007-06-14 13:29 457856 ----a-w- c:\windows\system32\drivers\PAC7302.SYS
2013-04-05 19:19 . 2007-05-17 13:50 129024 ----a-w- c:\windows\system32\SP7302.AX
2013-04-05 19:19 . 2006-11-20 07:04 6656 ----a-w- c:\windows\system32\CoInst.dll
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\program files\Logitech
2013-04-05 19:19 . 2001-11-05 08:50 69632 ----a-w- c:\windows\AMCap.exe
2013-04-05 16:59 . 2013-04-05 16:59 -------- d-----w- c:\programdata\AVAST Software
2013-04-05 13:47 . 2013-04-05 13:47 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\ArcSoft
2013-04-05 13:47 . 2013-04-05 13:56 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 13:42 . 2013-04-05 14:59 -------- d-----w- c:\program files\Common Files\ArcSoft
2013-04-05 08:00 . 2013-04-05 19:19 -------- d-----w- c:\windows\Webcam2200
2013-03-29 19:12 . 2013-03-29 19:12 -------- d-----w- c:\program files\Common Files\Skype
2013-03-26 05:37 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-14 15:20 . 2012-04-03 09:08 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-14 15:20 . 2011-05-18 10:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-09 12:38 . 2011-09-04 14:34 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-11 23:10 . 2011-02-22 14:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-10 19:21 . 2013-03-10 19:21 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-10 19:21 . 2012-06-20 16:11 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-10 19:21 . 2011-02-24 18:21 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-06 23:33 . 2013-03-15 18:14 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-15 18:14 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2011-02-25 16:08 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2011-02-22 14:56 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2011-02-22 14:56 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-02-26 09:53 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2011-02-22 14:56 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2011-02-22 14:56 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2011-02-22 14:55 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2011-02-22 14:55 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-12 04:48 . 2013-04-09 13:06 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-09 13:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 10:27 . 2011-05-01 15:30 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"cz.seznam.software.autoupdate"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe" [2012-09-13 1009288]
"cz.seznam.software.szndesktop"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2012-12-19 92296]
"Seznam Postak"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe" [2012-12-19 323752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-03-06 4767304]
"hppwrsav"="c:\scanjet\PrecisionScanLT\hppwrsav.exe" [1999-06-07 23552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"="c:\windows\system32\MSTMON_N.EXE" [2004-11-25 151552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Update Scheduler for Proteus Professional 7.lnk - c:\program files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE [2011-6-28 65564]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\BROWSE~1\261095~1.52\{C16C1~1\BrowserProtect.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
2004-11-25 15:39 151552 ----a-w- c:\windows\System32\MSTMON_N.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-06-03 20:13 880528 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]
R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [x]
R2 IMPI Updater;IMPI Updater;c:\program files\IMPI\ExtensionUpdaterService.exe [x]
R2 MLPTDR_N;MLPTDR_N;c:\windows\system32\MLPTDR_N.SYS [x]
R2 PPSCAN;PPSCAN; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]
R3 aswVmm;aswVmm; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
S0 aswRvrt;aswRvrt; [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 11:40 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:20]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 14:56]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 14:56]
.
2013-04-15 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 22:30]
.
2011-12-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-04-06 22:30]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=12
IE: Free YouTube Download - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Mixi.DJ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - ExtSQL: 2013-03-07 20:21; {17E113E6-CD0E-4045-B154-65F0E57959EF}; c:\program files\IMPI\Firefox
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - c8b9cbef000000000000c417fe29afa8
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15771
FF - user.js: extensions.mixidj.vrsn - 1.8.4.1
FF - user.js: extensions.mixidj.vrsni - 1.8.4.1
FF - user.js: extensions.mixidj_i.vrsnTs - 1.8.4.120:22
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj_i.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - mdelta
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj_i.excTlbr - false
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj_i.newTab - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
URLSearchHooks-{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
URLSearchHooks-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
BHO-{99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll
BHO-{9D717F81-9148-4f12-8568-69135F087DB0} - c:\progra~1\WIA6EB~1\Datamngr\BROWSE~1.DLL
Toolbar-10 - (no file)
Toolbar-{AF3D7884-B142-414E-943D-75D8D54E1FFF} - (no file)
WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
MSConfigStartUp-Seznam Postak - c:\program files\Seznam.cz\postak.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
AddRemove-Searchqu 0 MediaBar - c:\program files\Windows Searchqu Toolbar\uninstall.exe
AddRemove-Windows Searchqu Toolbar - c:\program files\Windows Searchqu Toolbar\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-04-15 18:46:20
ComboFix-quarantined-files.txt 2013-04-15 16:46
.
Před spuštěním: Volných bajtů: 30 625 619 968
Po spuštění: Volných bajtů: 30 568 792 064
.
- - End Of File - - 1872FFF64A25141603E2137199BC5E94
ComboFix 13-04-14.01 - Otakar Vavrečka 15.04.2013 18:39:18.1.2 - x86 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3066.2627 [GMT 2:00]
Spuštěný z: c:\users\Otakar Vavrečka\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
ADS - system32: deleted 12 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IMPI\ExTEnsion32.dll
c:\program files\Windows Searchqu Toolbar
c:\program files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\datamngr.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe
c:\program files\Windows Searchqu Toolbar\del_DataMngrHlpFF3_57.dll
c:\program files\Windows Searchqu Toolbar\del_DM_DLL_54.dll
c:\program files\Windows Searchqu Toolbar\del_DM_EXE_31.dll
c:\program files\Windows Searchqu Toolbar\del_IEBHO_36.dll
c:\program files\Windows Searchqu Toolbar\sysid.ini
c:\program files\Windows Searchqu Toolbar\uninstall.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\ijl11.dll
c:\windows\system32\roboot.exe
c:\windows\system32\vbpng1.dll
.
---- Předchozí spuštění -------
.
c:\program files\IMPI\ExTEnsion32.dll
c:\program files\Windows Searchqu Toolbar
c:\program files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\datamngr.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf.alt
c:\program files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe
c:\program files\Windows Searchqu Toolbar\del_DataMngrHlpFF3_57.dll
c:\program files\Windows Searchqu Toolbar\del_DM_DLL_54.dll
c:\program files\Windows Searchqu Toolbar\del_DM_EXE_31.dll
c:\program files\Windows Searchqu Toolbar\del_IEBHO_36.dll
c:\program files\Windows Searchqu Toolbar\sysid.ini
c:\program files\Windows Searchqu Toolbar\uninstall.exe
c:\users\Otakar Vavrečka\AppData\Local\Temp\rad5B813.tmp\bin\x86\sharpwrapi_Win32.dll
c:\users\Otakar Vavrečka\AppData\Local\temp\rad682F1.tmp\bin\Gadget.Interop.dll
c:\users\OTAKAR~1\AppData\Local\Temp\rad5B813.tmp\bin\x86\sharpwrapi_Win32.dll
c:\users\OTAKAR~1\AppData\Local\Temp\rad682F1.tmp\bin\Gadget.Interop.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\ijl11.dll
c:\windows\system32\roboot.exe
c:\windows\system32\vbpng1.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-15 do 2013-04-15 )))))))))))))))))))))))))))))))
.
.
2013-04-15 16:44 . 2013-04-15 16:45 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\temp
2013-04-15 16:44 . 2013-04-15 16:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-15 16:44 . 2013-04-15 16:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-15 07:48 . 2013-04-15 07:48 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\offreg.dll
2013-04-14 08:13 . 2013-04-14 18:39 -------- d-----w- C:\rsit
2013-04-12 10:27 . 2013-04-12 10:27 26520 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-04-12 06:25 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\mpengine.dll
2013-04-10 06:18 . 2013-04-14 09:02 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 06:17 . 2013-04-10 06:17 -------- d-----w- c:\program files\VideoLAN
2013-04-10 05:17 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 05:10 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 05:10 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 05:10 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 05:10 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 05:10 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 05:09 . 2013-03-02 05:07 1212264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-09 13:10 . 2012-11-30 04:47 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-04-09 13:09 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-04-09 13:08 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-04-09 13:08 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-04-09 13:07 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-04-09 13:07 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-04-09 13:06 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-04-09 13:06 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-04-09 12:54 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-09 12:54 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-09 12:54 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-09 12:53 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-09 12:53 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-09 12:53 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-09 12:53 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-09 12:53 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-09 12:53 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-09 12:53 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-09 12:21 . 2013-04-09 12:21 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 10:32 . 2013-04-09 10:33 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 10:32 . 2010-02-15 18:00 94208 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2013-04-09 10:32 . 2010-02-15 18:00 140864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-04-09 10:32 . 2003-03-19 03:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-04-09 10:32 . 2013-04-09 10:32 -------- d-----w- c:\program files\Real Alternative
2013-04-07 19:10 . 2013-04-08 05:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 19:09 . 2013-04-07 19:09 -------- d-----w- c:\program files\iSpy
2013-04-05 19:36 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-04-05 19:36 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2013-04-05 19:36 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2013-04-05 19:36 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2013-04-05 19:36 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-04-05 19:35 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-04-05 19:34 . 2013-04-07 14:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\Windows Live
2013-04-05 19:31 . 2013-04-05 19:31 -------- d-----w- c:\program files\Common Files\Windows Live
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\windows\PixArt
2013-04-05 19:19 . 2007-06-14 13:29 457856 ----a-w- c:\windows\system32\drivers\PAC7302.SYS
2013-04-05 19:19 . 2007-05-17 13:50 129024 ----a-w- c:\windows\system32\SP7302.AX
2013-04-05 19:19 . 2006-11-20 07:04 6656 ----a-w- c:\windows\system32\CoInst.dll
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\program files\Logitech
2013-04-05 19:19 . 2001-11-05 08:50 69632 ----a-w- c:\windows\AMCap.exe
2013-04-05 16:59 . 2013-04-05 16:59 -------- d-----w- c:\programdata\AVAST Software
2013-04-05 13:47 . 2013-04-05 13:47 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\ArcSoft
2013-04-05 13:47 . 2013-04-05 13:56 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 13:42 . 2013-04-05 14:59 -------- d-----w- c:\program files\Common Files\ArcSoft
2013-04-05 08:00 . 2013-04-05 19:19 -------- d-----w- c:\windows\Webcam2200
2013-03-29 19:12 . 2013-03-29 19:12 -------- d-----w- c:\program files\Common Files\Skype
2013-03-26 05:37 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-14 15:20 . 2012-04-03 09:08 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-14 15:20 . 2011-05-18 10:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-09 12:38 . 2011-09-04 14:34 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-11 23:10 . 2011-02-22 14:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-10 19:21 . 2013-03-10 19:21 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-10 19:21 . 2012-06-20 16:11 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-10 19:21 . 2011-02-24 18:21 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-06 23:33 . 2013-03-15 18:14 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-15 18:14 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2011-02-25 16:08 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2011-02-22 14:56 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2011-02-22 14:56 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-02-26 09:53 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2011-02-22 14:56 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2011-02-22 14:56 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2011-02-22 14:55 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2011-02-22 14:55 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-12 04:48 . 2013-04-09 13:06 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-09 13:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 10:27 . 2011-05-01 15:30 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"cz.seznam.software.autoupdate"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe" [2012-09-13 1009288]
"cz.seznam.software.szndesktop"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2012-12-19 92296]
"Seznam Postak"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe" [2012-12-19 323752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-03-06 4767304]
"hppwrsav"="c:\scanjet\PrecisionScanLT\hppwrsav.exe" [1999-06-07 23552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"="c:\windows\system32\MSTMON_N.EXE" [2004-11-25 151552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Update Scheduler for Proteus Professional 7.lnk - c:\program files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE [2011-6-28 65564]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\BROWSE~1\261095~1.52\{C16C1~1\BrowserProtect.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
2004-11-25 15:39 151552 ----a-w- c:\windows\System32\MSTMON_N.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-06-03 20:13 880528 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]
R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [x]
R2 IMPI Updater;IMPI Updater;c:\program files\IMPI\ExtensionUpdaterService.exe [x]
R2 MLPTDR_N;MLPTDR_N;c:\windows\system32\MLPTDR_N.SYS [x]
R2 PPSCAN;PPSCAN; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]
R3 aswVmm;aswVmm; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
S0 aswRvrt;aswRvrt; [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 11:40 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:20]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 14:56]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 14:56]
.
2013-04-15 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 22:30]
.
2011-12-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-04-06 22:30]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=12
IE: Free YouTube Download - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Mixi.DJ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - ExtSQL: 2013-03-07 20:21; {17E113E6-CD0E-4045-B154-65F0E57959EF}; c:\program files\IMPI\Firefox
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - c8b9cbef000000000000c417fe29afa8
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15771
FF - user.js: extensions.mixidj.vrsn - 1.8.4.1
FF - user.js: extensions.mixidj.vrsni - 1.8.4.1
FF - user.js: extensions.mixidj_i.vrsnTs - 1.8.4.120:22
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj_i.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - mdelta
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj_i.excTlbr - false
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj_i.newTab - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
URLSearchHooks-{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
URLSearchHooks-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
BHO-{99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll
BHO-{9D717F81-9148-4f12-8568-69135F087DB0} - c:\progra~1\WIA6EB~1\Datamngr\BROWSE~1.DLL
Toolbar-10 - (no file)
Toolbar-{AF3D7884-B142-414E-943D-75D8D54E1FFF} - (no file)
WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
MSConfigStartUp-Seznam Postak - c:\program files\Seznam.cz\postak.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
AddRemove-Searchqu 0 MediaBar - c:\program files\Windows Searchqu Toolbar\uninstall.exe
AddRemove-Windows Searchqu Toolbar - c:\program files\Windows Searchqu Toolbar\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-04-15 18:46:20
ComboFix-quarantined-files.txt 2013-04-15 16:46
.
Před spuštěním: Volných bajtů: 30 625 619 968
Po spuštění: Volných bajtů: 30 568 792 064
.
- - End Of File - - 1872FFF64A25141603E2137199BC5E94
Blbý můžeš být,ale musíš si umět poradit...
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznul PC-log
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.KillAll::
File::
c:\windows\system32\csrr.rs
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""
Firefox::
FF - ProfilePath - c:\users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Mixi.DJ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - ExtSQL: 2013-03-07 20:21; {17E113E6-CD0E-4045-B154-65F0E57959EF}; c:\program files\IMPI\Firefox
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - c8b9cbef000000000000c417fe29afa8
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15771
FF - user.js: extensions.mixidj.vrsn - 1.8.4.1
FF - user.js: extensions.mixidj.vrsni - 1.8.4.1
FF - user.js: extensions.mixidj_i.vrsnTs - 1.8.4.120:22
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj_i.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - mdelta
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj_i.excTlbr - false
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj_i.newTab - false
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Reboot::
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrznul PC-log
ComboFix 13-04-14.01 - Otakar Vavrečka 15.04.2013 19:21:34.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3066.2129 [GMT 2:00]
Spuštěný z: c:\users\Otakar VavreŔka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Otakar VavreŔka\Desktop\CFScript.txt..txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Otakar Vavrečka\AppData\Local\Temp\radCDFF6.tmp\bin\Gadget.Interop.dll
c:\users\Otakar Vavrečka\AppData\Local\temp\radCDFF6.tmp\bin\x86\sharpwrapi_Win32.dll
c:\users\OTAKAR~1\AppData\Local\Temp\radCDFF6.tmp\bin\Gadget.Interop.dll
c:\users\OTAKAR~1\AppData\Local\Temp\radCDFF6.tmp\bin\x86\sharpwrapi_Win32.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-15 do 2013-04-15 )))))))))))))))))))))))))))))))
.
.
2013-04-15 17:55 . 2013-04-15 17:57 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\temp
2013-04-15 17:55 . 2013-04-15 17:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-15 17:55 . 2013-04-15 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-15 07:48 . 2013-04-15 17:55 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\offreg.dll
2013-04-14 08:13 . 2013-04-14 18:39 -------- d-----w- C:\rsit
2013-04-12 10:27 . 2013-04-12 10:27 26520 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-04-12 06:25 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\mpengine.dll
2013-04-10 06:18 . 2013-04-14 09:02 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 06:17 . 2013-04-10 06:17 -------- d-----w- c:\program files\VideoLAN
2013-04-10 05:17 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 05:10 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 05:10 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 05:10 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 05:10 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 05:10 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 05:09 . 2013-03-02 05:07 1212264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-09 13:10 . 2012-11-30 04:47 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-04-09 13:09 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-04-09 13:08 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-04-09 13:08 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-04-09 13:07 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-04-09 13:07 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-04-09 13:06 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-04-09 13:06 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-04-09 12:54 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-09 12:54 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-09 12:54 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-09 12:53 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-09 12:53 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-09 12:53 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-09 12:53 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-09 12:53 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-09 12:53 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-09 12:53 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-09 12:21 . 2013-04-09 12:21 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 10:32 . 2013-04-09 10:33 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 10:32 . 2010-02-15 18:00 94208 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2013-04-09 10:32 . 2010-02-15 18:00 140864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-04-09 10:32 . 2003-03-19 03:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-04-09 10:32 . 2013-04-09 10:32 -------- d-----w- c:\program files\Real Alternative
2013-04-07 19:10 . 2013-04-08 05:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 19:09 . 2013-04-07 19:09 -------- d-----w- c:\program files\iSpy
2013-04-05 19:36 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-04-05 19:36 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2013-04-05 19:36 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2013-04-05 19:36 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2013-04-05 19:36 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-04-05 19:35 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-04-05 19:34 . 2013-04-07 14:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\Windows Live
2013-04-05 19:31 . 2013-04-05 19:31 -------- d-----w- c:\program files\Common Files\Windows Live
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\windows\PixArt
2013-04-05 19:19 . 2007-06-14 13:29 457856 ----a-w- c:\windows\system32\drivers\PAC7302.SYS
2013-04-05 19:19 . 2007-05-17 13:50 129024 ----a-w- c:\windows\system32\SP7302.AX
2013-04-05 19:19 . 2006-11-20 07:04 6656 ----a-w- c:\windows\system32\CoInst.dll
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\program files\Logitech
2013-04-05 19:19 . 2001-11-05 08:50 69632 ----a-w- c:\windows\AMCap.exe
2013-04-05 16:59 . 2013-04-05 16:59 -------- d-----w- c:\programdata\AVAST Software
2013-04-05 13:47 . 2013-04-05 13:47 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\ArcSoft
2013-04-05 13:47 . 2013-04-05 13:56 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 13:42 . 2013-04-05 14:59 -------- d-----w- c:\program files\Common Files\ArcSoft
2013-04-05 08:00 . 2013-04-05 19:19 -------- d-----w- c:\windows\Webcam2200
2013-03-29 19:12 . 2013-03-29 19:12 -------- d-----w- c:\program files\Common Files\Skype
2013-03-26 05:37 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-14 15:20 . 2012-04-03 09:08 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-14 15:20 . 2011-05-18 10:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-09 12:38 . 2011-09-04 14:34 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-11 23:10 . 2011-02-22 14:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-10 19:21 . 2013-03-10 19:21 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-10 19:21 . 2012-06-20 16:11 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-10 19:21 . 2011-02-24 18:21 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-06 23:33 . 2013-03-15 18:14 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-15 18:14 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2011-02-25 16:08 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2011-02-22 14:56 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2011-02-22 14:56 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-02-26 09:53 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2011-02-22 14:56 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2011-02-22 14:56 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2011-02-22 14:55 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2011-02-22 14:55 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-12 04:48 . 2013-04-09 13:06 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-09 13:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 10:27 . 2011-05-01 15:30 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"cz.seznam.software.autoupdate"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe" [2012-09-13 1009288]
"cz.seznam.software.szndesktop"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2012-12-19 92296]
"Seznam Postak"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe" [2012-12-19 323752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-03-06 4767304]
"hppwrsav"="c:\scanjet\PrecisionScanLT\hppwrsav.exe" [1999-06-07 23552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"="c:\windows\system32\MSTMON_N.EXE" [2004-11-25 151552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Update Scheduler for Proteus Professional 7.lnk - c:\program files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE [2011-6-28 65564]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\BROWSE~1\261095~1.52\{C16C1~1\BrowserProtect.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
2004-11-25 15:39 151552 ----a-w- c:\windows\System32\MSTMON_N.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-06-03 20:13 880528 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
R1 aswSnx;aswSnx; [x]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [x]
R2 MLPTDR_N;MLPTDR_N;c:\windows\system32\MLPTDR_N.SYS [x]
R2 PPSCAN;PPSCAN; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 aswVmm;aswVmm; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IMPI Updater;IMPI Updater;c:\program files\IMPI\ExtensionUpdaterService.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 11:40 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:20]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 14:56]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 14:56]
.
2013-04-15 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 22:30]
.
2011-12-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-04-06 22:30]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=12
IE: Free YouTube Download - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Mixi.DJ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - ExtSQL: 2013-03-07 20:21; {17E113E6-CD0E-4045-B154-65F0E57959EF}; c:\program files\IMPI\Firefox
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - c8b9cbef000000000000c417fe29afa8
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15771
FF - user.js: extensions.mixidj.vrsn - 1.8.4.1
FF - user.js: extensions.mixidj.vrsni - 1.8.4.1
FF - user.js: extensions.mixidj_i.vrsnTs - 1.8.4.120:22
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj_i.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - mdelta
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj_i.excTlbr - false
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj_i.newTab - false
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\users\Otakar Vavrec:\users\Otakar Vavrec:\users\Otakar Vavrec:\windows\system32\SearchIndexer.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-04-15 20:01:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-15 18:01
ComboFix2.txt 2013-04-15 16:46
.
Před spuštěním: Volných bajtů: 30 606 426 112
Po spuštění: Volných bajtů: 30 538 690 560
.
- - End Of File - - F130842FA20DB8AA7FEE2C5DA512189A
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3066.2129 [GMT 2:00]
Spuštěný z: c:\users\Otakar VavreŔka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Otakar VavreŔka\Desktop\CFScript.txt..txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Otakar Vavrečka\AppData\Local\Temp\radCDFF6.tmp\bin\Gadget.Interop.dll
c:\users\Otakar Vavrečka\AppData\Local\temp\radCDFF6.tmp\bin\x86\sharpwrapi_Win32.dll
c:\users\OTAKAR~1\AppData\Local\Temp\radCDFF6.tmp\bin\Gadget.Interop.dll
c:\users\OTAKAR~1\AppData\Local\Temp\radCDFF6.tmp\bin\x86\sharpwrapi_Win32.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-15 do 2013-04-15 )))))))))))))))))))))))))))))))
.
.
2013-04-15 17:55 . 2013-04-15 17:57 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\temp
2013-04-15 17:55 . 2013-04-15 17:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-15 17:55 . 2013-04-15 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-15 07:48 . 2013-04-15 17:55 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\offreg.dll
2013-04-14 08:13 . 2013-04-14 18:39 -------- d-----w- C:\rsit
2013-04-12 10:27 . 2013-04-12 10:27 26520 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-04-12 06:25 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\mpengine.dll
2013-04-10 06:18 . 2013-04-14 09:02 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 06:17 . 2013-04-10 06:17 -------- d-----w- c:\program files\VideoLAN
2013-04-10 05:17 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 05:10 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 05:10 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 05:10 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 05:10 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 05:10 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 05:09 . 2013-03-02 05:07 1212264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-09 13:10 . 2012-11-30 04:47 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-04-09 13:09 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-04-09 13:08 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-04-09 13:08 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-04-09 13:07 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-04-09 13:07 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-04-09 13:06 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-04-09 13:06 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-04-09 12:54 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-09 12:54 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-09 12:54 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-09 12:53 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-09 12:53 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-09 12:53 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-09 12:53 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-09 12:53 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-09 12:53 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-09 12:53 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-09 12:21 . 2013-04-09 12:21 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 10:32 . 2013-04-09 10:33 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 10:32 . 2010-02-15 18:00 94208 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2013-04-09 10:32 . 2010-02-15 18:00 140864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-04-09 10:32 . 2003-03-19 03:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-04-09 10:32 . 2013-04-09 10:32 -------- d-----w- c:\program files\Real Alternative
2013-04-07 19:10 . 2013-04-08 05:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 19:09 . 2013-04-07 19:09 -------- d-----w- c:\program files\iSpy
2013-04-05 19:36 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-04-05 19:36 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2013-04-05 19:36 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2013-04-05 19:36 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2013-04-05 19:36 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-04-05 19:35 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-04-05 19:34 . 2013-04-07 14:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\Windows Live
2013-04-05 19:31 . 2013-04-05 19:31 -------- d-----w- c:\program files\Common Files\Windows Live
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\windows\PixArt
2013-04-05 19:19 . 2007-06-14 13:29 457856 ----a-w- c:\windows\system32\drivers\PAC7302.SYS
2013-04-05 19:19 . 2007-05-17 13:50 129024 ----a-w- c:\windows\system32\SP7302.AX
2013-04-05 19:19 . 2006-11-20 07:04 6656 ----a-w- c:\windows\system32\CoInst.dll
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\program files\Logitech
2013-04-05 19:19 . 2001-11-05 08:50 69632 ----a-w- c:\windows\AMCap.exe
2013-04-05 16:59 . 2013-04-05 16:59 -------- d-----w- c:\programdata\AVAST Software
2013-04-05 13:47 . 2013-04-05 13:47 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\ArcSoft
2013-04-05 13:47 . 2013-04-05 13:56 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 13:42 . 2013-04-05 14:59 -------- d-----w- c:\program files\Common Files\ArcSoft
2013-04-05 08:00 . 2013-04-05 19:19 -------- d-----w- c:\windows\Webcam2200
2013-03-29 19:12 . 2013-03-29 19:12 -------- d-----w- c:\program files\Common Files\Skype
2013-03-26 05:37 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-14 15:20 . 2012-04-03 09:08 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-14 15:20 . 2011-05-18 10:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-09 12:38 . 2011-09-04 14:34 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-11 23:10 . 2011-02-22 14:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-10 19:21 . 2013-03-10 19:21 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-10 19:21 . 2012-06-20 16:11 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-10 19:21 . 2011-02-24 18:21 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-06 23:33 . 2013-03-15 18:14 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-15 18:14 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2011-02-25 16:08 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2011-02-22 14:56 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2011-02-22 14:56 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-02-26 09:53 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2011-02-22 14:56 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2011-02-22 14:56 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2011-02-22 14:55 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2011-02-22 14:55 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-12 04:48 . 2013-04-09 13:06 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-09 13:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 10:27 . 2011-05-01 15:30 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"cz.seznam.software.autoupdate"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe" [2012-09-13 1009288]
"cz.seznam.software.szndesktop"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2012-12-19 92296]
"Seznam Postak"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe" [2012-12-19 323752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-03-06 4767304]
"hppwrsav"="c:\scanjet\PrecisionScanLT\hppwrsav.exe" [1999-06-07 23552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"="c:\windows\system32\MSTMON_N.EXE" [2004-11-25 151552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Update Scheduler for Proteus Professional 7.lnk - c:\program files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE [2011-6-28 65564]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\BROWSE~1\261095~1.52\{C16C1~1\BrowserProtect.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
2004-11-25 15:39 151552 ----a-w- c:\windows\System32\MSTMON_N.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-06-03 20:13 880528 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
R1 aswSnx;aswSnx; [x]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [x]
R2 MLPTDR_N;MLPTDR_N;c:\windows\system32\MLPTDR_N.SYS [x]
R2 PPSCAN;PPSCAN; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 aswVmm;aswVmm; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IMPI Updater;IMPI Updater;c:\program files\IMPI\ExtensionUpdaterService.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 11:40 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:20]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 14:56]
.
2013-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 14:56]
.
2013-04-15 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 22:30]
.
2011-12-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-04-06 22:30]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=12
IE: Free YouTube Download - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Mixi.DJ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - ExtSQL: 2013-03-07 20:21; {17E113E6-CD0E-4045-B154-65F0E57959EF}; c:\program files\IMPI\Firefox
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - c8b9cbef000000000000c417fe29afa8
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15771
FF - user.js: extensions.mixidj.vrsn - 1.8.4.1
FF - user.js: extensions.mixidj.vrsni - 1.8.4.1
FF - user.js: extensions.mixidj_i.vrsnTs - 1.8.4.120:22
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj_i.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - mdelta
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj_i.excTlbr - false
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj_i.newTab - false
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\users\Otakar Vavrec:\users\Otakar Vavrec:\users\Otakar Vavrec:\windows\system32\SearchIndexer.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-04-15 20:01:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-15 18:01
ComboFix2.txt 2013-04-15 16:46
.
Před spuštěním: Volných bajtů: 30 606 426 112
Po spuštění: Volných bajtů: 30 538 690 560
.
- - End Of File - - F130842FA20DB8AA7FEE2C5DA512189A
Blbý můžeš být,ale musíš si umět poradit...
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zamrznul PC-log
Budete muset spustit CF skriptem znovu, ale ne z plochy. Protože máte v názvu profilu diakritiku, CF skript nepřečte. Přesuňte CF i skript na kořenový adresář c:\ a v průzkumníku windows skript přetáhněte nad ikonu CF a pusťte. Skript musí být uložen jako CFScript.txt, nikoli CFScript.txt.txt, jeko v předchozím případě.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zamrznul PC-log
Snad to nyní bude v pořádku. Po všech procesech mi vyskočilo toto oznámení:
ComboFix 13-04-14.01 - Otakar Vavrečka 15.04.2013 20:57:55.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3066.2022 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\csrr.rs"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Otakar Vavrečka\AppData\Local\Temp\rad360B4.tmp\bin\Gadget.Interop.dll
c:\users\Otakar Vavrečka\AppData\Local\temp\rad360B4.tmp\bin\x86\sharpwrapi_Win32.dll
c:\users\OTAKAR~1\AppData\Local\Temp\rad360B4.tmp\bin\Gadget.Interop.dll
c:\users\OTAKAR~1\AppData\Local\Temp\rad360B4.tmp\bin\x86\sharpwrapi_Win32.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-15 do 2013-04-15 )))))))))))))))))))))))))))))))
.
.
2013-04-15 19:05 . 2013-04-15 19:07 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\temp
2013-04-15 19:05 . 2013-04-15 19:05 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-15 19:05 . 2013-04-15 19:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-15 07:48 . 2013-04-15 17:55 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\offreg.dll
2013-04-14 08:13 . 2013-04-14 18:39 -------- d-----w- C:\rsit
2013-04-12 10:27 . 2013-04-12 10:27 26520 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-04-12 06:25 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\mpengine.dll
2013-04-10 06:18 . 2013-04-14 09:02 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 06:17 . 2013-04-10 06:17 -------- d-----w- c:\program files\VideoLAN
2013-04-10 05:17 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 05:10 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 05:10 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 05:10 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 05:10 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 05:10 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 05:09 . 2013-03-02 05:07 1212264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-09 13:10 . 2012-11-30 04:47 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-04-09 13:09 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-04-09 13:08 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-04-09 13:08 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-04-09 13:07 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-04-09 13:07 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-04-09 13:06 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-04-09 13:06 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-04-09 12:54 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-09 12:54 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-09 12:54 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-09 12:53 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-09 12:53 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-09 12:53 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-09 12:53 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-09 12:53 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-09 12:53 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-09 12:53 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-09 12:21 . 2013-04-09 12:21 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 10:32 . 2013-04-09 10:33 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 10:32 . 2010-02-15 18:00 94208 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2013-04-09 10:32 . 2010-02-15 18:00 140864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-04-09 10:32 . 2003-03-19 03:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-04-09 10:32 . 2013-04-09 10:32 -------- d-----w- c:\program files\Real Alternative
2013-04-07 19:10 . 2013-04-08 05:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 19:09 . 2013-04-07 19:09 -------- d-----w- c:\program files\iSpy
2013-04-05 19:36 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-04-05 19:36 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2013-04-05 19:36 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2013-04-05 19:36 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2013-04-05 19:36 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-04-05 19:35 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-04-05 19:34 . 2013-04-07 14:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\Windows Live
2013-04-05 19:31 . 2013-04-05 19:31 -------- d-----w- c:\program files\Common Files\Windows Live
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\windows\PixArt
2013-04-05 19:19 . 2007-06-14 13:29 457856 ----a-w- c:\windows\system32\drivers\PAC7302.SYS
2013-04-05 19:19 . 2007-05-17 13:50 129024 ----a-w- c:\windows\system32\SP7302.AX
2013-04-05 19:19 . 2006-11-20 07:04 6656 ----a-w- c:\windows\system32\CoInst.dll
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\program files\Logitech
2013-04-05 19:19 . 2001-11-05 08:50 69632 ----a-w- c:\windows\AMCap.exe
2013-04-05 16:59 . 2013-04-05 16:59 -------- d-----w- c:\programdata\AVAST Software
2013-04-05 13:47 . 2013-04-05 13:47 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\ArcSoft
2013-04-05 13:47 . 2013-04-05 13:56 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 13:42 . 2013-04-05 14:59 -------- d-----w- c:\program files\Common Files\ArcSoft
2013-04-05 08:00 . 2013-04-05 19:19 -------- d-----w- c:\windows\Webcam2200
2013-03-29 19:12 . 2013-03-29 19:12 -------- d-----w- c:\program files\Common Files\Skype
2013-03-26 05:37 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-14 15:20 . 2012-04-03 09:08 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-14 15:20 . 2011-05-18 10:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-09 12:38 . 2011-09-04 14:34 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-11 23:10 . 2011-02-22 14:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-10 19:21 . 2013-03-10 19:21 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-10 19:21 . 2012-06-20 16:11 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-10 19:21 . 2011-02-24 18:21 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-06 23:33 . 2013-03-15 18:14 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-15 18:14 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2011-02-25 16:08 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2011-02-22 14:56 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2011-02-22 14:56 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-02-26 09:53 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2011-02-22 14:56 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2011-02-22 14:56 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2011-02-22 14:55 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2011-02-22 14:55 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-12 04:48 . 2013-04-09 13:06 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-09 13:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 10:27 . 2011-05-01 15:30 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"cz.seznam.software.autoupdate"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe" [2012-09-13 1009288]
"cz.seznam.software.szndesktop"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2012-12-19 92296]
"Seznam Postak"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe" [2012-12-19 323752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-03-06 4767304]
"hppwrsav"="c:\scanjet\PrecisionScanLT\hppwrsav.exe" [1999-06-07 23552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"="c:\windows\system32\MSTMON_N.EXE" [2004-11-25 151552]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Update Scheduler for Proteus Professional 7.lnk - c:\program files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE [2011-6-28 65564]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
2004-11-25 15:39 151552 ----a-w- c:\windows\System32\MSTMON_N.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-06-03 20:13 880528 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
R1 aswSnx;aswSnx; [x]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [x]
R2 MLPTDR_N;MLPTDR_N;c:\windows\system32\MLPTDR_N.SYS [x]
R2 PPSCAN;PPSCAN; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 aswVmm;aswVmm; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IMPI Updater;IMPI Updater;c:\program files\IMPI\ExtensionUpdaterService.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 11:40 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:20]
.
2013-04-15 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 22:30]
.
2011-12-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-04-06 22:30]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=12
IE: Free YouTube Download - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\
FF - ExtSQL: 2013-03-07 20:21; {17E113E6-CD0E-4045-B154-65F0E57959EF}; c:\program files\IMPI\Firefox
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - c8b9cbef000000000000c417fe29afa8
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15771
FF - user.js: extensions.mixidj.vrsn - 1.8.4.1
FF - user.js: extensions.mixidj.vrsni - 1.8.4.1
FF - user.js: extensions.mixidj_i.vrsnTs - 1.8.4.120:22
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj_i.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - mdelta
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj_i.excTlbr - false
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj_i.newTab - false
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\users\Otakar Vavrec:\users\Otakar Vavrec:\users\Otakar Vavrec:\windows\system32\SearchIndexer.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-04-15 21:11:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-15 19:11
ComboFix2.txt 2013-04-15 18:01
ComboFix3.txt 2013-04-15 16:46
.
Před spuštěním: Volných bajtů: 30 578 786 304
Po spuštění: Volných bajtů: 30 527 565 824
.
- - End Of File - - 80F620309BB9B7BBCFD3AE4846439FC3
- Výstřižek-0.jpg (36.46 KiB) Zobrazeno 1066 x
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3066.2022 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\csrr.rs"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Otakar Vavrečka\AppData\Local\Temp\rad360B4.tmp\bin\Gadget.Interop.dll
c:\users\Otakar Vavrečka\AppData\Local\temp\rad360B4.tmp\bin\x86\sharpwrapi_Win32.dll
c:\users\OTAKAR~1\AppData\Local\Temp\rad360B4.tmp\bin\Gadget.Interop.dll
c:\users\OTAKAR~1\AppData\Local\Temp\rad360B4.tmp\bin\x86\sharpwrapi_Win32.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-15 do 2013-04-15 )))))))))))))))))))))))))))))))
.
.
2013-04-15 19:05 . 2013-04-15 19:07 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\temp
2013-04-15 19:05 . 2013-04-15 19:05 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-15 19:05 . 2013-04-15 19:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-15 07:48 . 2013-04-15 17:55 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\offreg.dll
2013-04-14 08:13 . 2013-04-14 18:39 -------- d-----w- C:\rsit
2013-04-12 10:27 . 2013-04-12 10:27 26520 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-04-12 06:25 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B93CE8EA-C95A-42F5-9488-14FF8AEDB30F}\mpengine.dll
2013-04-10 06:18 . 2013-04-14 09:02 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\vlc
2013-04-10 06:17 . 2013-04-10 06:17 -------- d-----w- c:\program files\VideoLAN
2013-04-10 05:17 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 05:10 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 05:10 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 05:10 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 05:10 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 05:10 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 05:09 . 2013-03-02 05:07 1212264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-09 13:10 . 2012-11-30 04:47 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-04-09 13:09 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-04-09 13:08 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-04-09 13:08 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-04-09 13:07 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-04-09 13:07 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-04-09 13:06 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-04-09 13:06 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-04-09 12:54 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-04-09 12:54 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-04-09 12:54 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-04-09 12:53 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-04-09 12:53 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-04-09 12:53 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-04-09 12:53 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-04-09 12:53 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-04-09 12:53 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-04-09 12:53 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-04-09 12:21 . 2013-04-09 12:21 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-09 10:32 . 2013-04-09 10:33 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
2013-04-09 10:32 . 2010-02-15 18:00 94208 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2013-04-09 10:32 . 2010-02-15 18:00 140864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-04-09 10:32 . 2003-03-19 03:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-04-09 10:32 . 2013-04-09 10:32 -------- d-----w- c:\program files\Real Alternative
2013-04-07 19:10 . 2013-04-08 05:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\iSpy
2013-04-07 19:09 . 2013-04-07 19:09 -------- d-----w- c:\program files\iSpy
2013-04-05 19:36 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-04-05 19:36 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2013-04-05 19:36 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2013-04-05 19:36 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2013-04-05 19:36 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-04-05 19:35 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-04-05 19:34 . 2013-04-07 14:46 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\Windows Live
2013-04-05 19:31 . 2013-04-05 19:31 -------- d-----w- c:\program files\Common Files\Windows Live
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\windows\PixArt
2013-04-05 19:19 . 2007-06-14 13:29 457856 ----a-w- c:\windows\system32\drivers\PAC7302.SYS
2013-04-05 19:19 . 2007-05-17 13:50 129024 ----a-w- c:\windows\system32\SP7302.AX
2013-04-05 19:19 . 2006-11-20 07:04 6656 ----a-w- c:\windows\system32\CoInst.dll
2013-04-05 19:19 . 2013-04-05 19:19 -------- d-----w- c:\program files\Logitech
2013-04-05 19:19 . 2001-11-05 08:50 69632 ----a-w- c:\windows\AMCap.exe
2013-04-05 16:59 . 2013-04-05 16:59 -------- d-----w- c:\programdata\AVAST Software
2013-04-05 13:47 . 2013-04-05 13:47 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\ArcSoft
2013-04-05 13:47 . 2013-04-05 13:56 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\ArcSoft
2013-04-05 13:42 . 2013-04-05 14:59 -------- d-----w- c:\program files\Common Files\ArcSoft
2013-04-05 08:00 . 2013-04-05 19:19 -------- d-----w- c:\windows\Webcam2200
2013-03-29 19:12 . 2013-03-29 19:12 -------- d-----w- c:\program files\Common Files\Skype
2013-03-26 05:37 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-14 15:20 . 2012-04-03 09:08 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-14 15:20 . 2011-05-18 10:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-09 12:38 . 2011-09-04 14:34 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-11 23:10 . 2011-02-22 14:10 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-10 19:21 . 2013-03-10 19:21 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-10 19:21 . 2012-06-20 16:11 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-10 19:21 . 2011-02-24 18:21 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-06 23:33 . 2013-03-15 18:14 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-15 18:14 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2011-02-25 16:08 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2011-02-22 14:56 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2011-02-22 14:56 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-02-26 09:53 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2011-02-22 14:56 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2011-02-22 14:56 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2011-02-22 14:55 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2011-02-22 14:55 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-12 04:48 . 2013-04-09 13:06 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-09 13:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 10:27 . 2011-05-01 15:30 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"cz.seznam.software.autoupdate"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\szninstall.exe" [2012-09-13 1009288]
"cz.seznam.software.szndesktop"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2012-12-19 92296]
"Seznam Postak"="c:\users\Otakar Vavrečka\AppData\Roaming\Seznam.cz\bin\postak.exe" [2012-12-19 323752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-03-06 4767304]
"hppwrsav"="c:\scanjet\PrecisionScanLT\hppwrsav.exe" [1999-06-07 23552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"KONICA MINOLTA PagePro 1300WStatusDisplay"="c:\windows\system32\MSTMON_N.EXE" [2004-11-25 151552]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Update Scheduler for Proteus Professional 7.lnk - c:\program files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE [2011-6-28 65564]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
2004-11-25 15:39 151552 ----a-w- c:\windows\System32\MSTMON_N.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-06-03 20:13 880528 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
R1 aswSnx;aswSnx; [x]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [x]
R2 MLPTDR_N;MLPTDR_N;c:\windows\system32\MLPTDR_N.SYS [x]
R2 PPSCAN;PPSCAN; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 aswVmm;aswVmm; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IMPI Updater;IMPI Updater;c:\program files\IMPI\ExtensionUpdaterService.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 11:40 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:20]
.
2013-04-15 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 22:30]
.
2011-12-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-04-06 22:30]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=12
IE: Free YouTube Download - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\
FF - ExtSQL: 2013-03-07 20:21; {17E113E6-CD0E-4045-B154-65F0E57959EF}; c:\program files\IMPI\Firefox
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - c8b9cbef000000000000c417fe29afa8
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15771
FF - user.js: extensions.mixidj.vrsn - 1.8.4.1
FF - user.js: extensions.mixidj.vrsni - 1.8.4.1
FF - user.js: extensions.mixidj_i.vrsnTs - 1.8.4.120:22
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj_i.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - mdelta
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj_i.excTlbr - false
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj_i.newTab - false
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\users\Otakar Vavrec:\users\Otakar Vavrec:\users\Otakar Vavrec:\windows\system32\SearchIndexer.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-04-15 21:11:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-15 19:11
ComboFix2.txt 2013-04-15 18:01
ComboFix3.txt 2013-04-15 16:46
.
Před spuštěním: Volných bajtů: 30 578 786 304
Po spuštění: Volných bajtů: 30 527 565 824
.
- - End Of File - - 80F620309BB9B7BBCFD3AE4846439FC3
Blbý můžeš být,ale musíš si umět poradit...
Přispějete na provoz fóra?