Delta search

Zpráva

Time2Groove · #1 Příspěvek od **Time2Groove** » 04 čer 2013 18:01

Chytil jsem "prohlizec" DELTA search a nevim jak ho odstranit. Zkousel jsem SPY hunter, ale nasel jsem jen placenou verzi. Vkladam log z RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Milan at 2013-06-04 18:59:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 151 GB (59%) free of 258 GB
Total RAM: 4006 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:22, on 4.6.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AudioCodec] "C:\ProgramData\AudioCodec0\mwvaztybt.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [AudioCodec] "C:\ProgramData\AudioCodec0\mwvaztybt.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - http://www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrowserDefendert - Unknown owner - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - c:\Program Files\Microsoft Security Client\MsMpEng.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243 (NisSrv) - Unknown owner - c:\Program Files\Microsoft Security Client\NisSrv.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15348 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
taskeng.exe {E3815F9E-4101-490D-B015-0F5914FA905F}
"C:\windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
taskeng.exe {A2D7BA3D-B47B-48E4-A602-FE935101C003}
C:\windows\Explorer.EXE
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe" /s
WLIDSvcM.exe 2752
"C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\windows\SysWOW64\WerFault.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1132.0.2128491382\1686337895" --supports-dual-gpus=false --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2342 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="1132.2.988935030\830365922" /prefetch:673131151
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="1132.5.860492625\2018569646" /prefetch:673131151
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="1132.6.1675124657\470571118" /prefetch:673131151
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1132.7.289070119\1505950626" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="1132.9.970524423\2036920633" /prefetch:673131151
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="1132.10.711540224\1681207991" /prefetch:673131151
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="1132.11.1816662022\284163271" /prefetch:673131151
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="1132.13.211180510\1629147811" /prefetch:673131151
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="1132.15.1442289900\1456244268" /prefetch:673131151
"C:\Users\Milan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="1132.16.612048774\2122412695" /prefetch:673131151
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Milan\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1584544231-1335171599-1099443430-1002Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1584544231-1335171599-1099443430-1002UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\p99u1esg.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\p99u1esg.default\extensions\
rein@notiz.jp
zigboom.designs@gmail.com
{056f6d80-6870-11e1-b86c-0800200c9a66}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-31 167960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"AudioCodec"=C:\ProgramData\AudioCodec0\mwvaztybt.exe [2013-06-04 432128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioCodec]
C:\ProgramData\AudioCodec0\mwvaztybt.exe [2013-06-04 432128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe [2012-09-18 20524336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-28 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2011-03-31 391704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-03-18 13880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IFXSPMGT]
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-15 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MfeEpePcMonitor]
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-03-30 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\windows\system32\igfxpers.exe [2011-03-31 418840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-07-19 336992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-03-22 312376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES]
C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-04-19 18678376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-16 2828072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2011-03-04 1128448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AudioCodec"=C:\ProgramData\AudioCodec0\mwvaztybt.exe [2013-06-04 432128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-26 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hijackthis.exe]
"Debugger="gtqa_.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\housecalllauncher.exe]
"Debugger="efzo_.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe]
"Debugger="jfoq_.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd.exe]
"Debugger="esyt_.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-06-04 16:46:10 ----A---- C:\autoexec.bat
2013-06-04 16:45:56 ----A---- C:\windows\system32\drivers\EsgScanner.sys
2013-06-04 16:45:53 ----D---- C:\sh4ldr
2013-06-04 16:45:53 ----D---- C:\Program Files\Enigma Software Group
2013-06-04 16:45:31 ----D---- C:\windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-06-04 15:53:54 ----D---- C:\ProgramData\McAfee
2013-06-04 15:18:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-04 09:12:34 ----D---- C:\ProgramData\BrowserDefender
2013-06-04 09:10:35 ----A---- C:\windows\system32\roboot64.exe
2013-06-04 09:10:28 ----D---- C:\Users\Milan\AppData\Roaming\systweak
2013-06-04 09:10:22 ----SHD---- C:\ProgramData\AudioCodec0
2013-05-30 23:35:44 ----D---- C:\Users\Milan\AppData\Roaming\Scribus
2013-05-30 23:34:10 ----D---- C:\ProgramData\Package Cache
2013-05-30 10:06:41 ----D---- C:\Program Files (x86)\Zimbra
2013-05-25 22:27:12 ----D---- C:\Program Files\iPod
2013-05-25 22:27:11 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-25 22:27:11 ----D---- C:\Program Files\iTunes
2013-05-25 22:27:11 ----D---- C:\Program Files (x86)\iTunes
2013-05-25 22:25:10 ----D---- C:\Program Files\Bonjour
2013-05-25 22:25:10 ----D---- C:\Program Files (x86)\Bonjour
2013-05-25 19:47:02 ----D---- C:\Program Files (x86)\PDF to Word
2013-05-22 17:55:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-05-16 06:30:27 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-05-16 06:30:25 ----A---- C:\windows\system32\mshtml.dll
2013-05-16 06:29:47 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-05-16 06:29:47 ----A---- C:\windows\system32\mshtmled.dll
2013-05-16 06:29:46 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-05-16 06:29:46 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-05-16 06:29:46 ----A---- C:\windows\system32\iertutil.dll
2013-05-16 06:29:45 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-05-16 06:29:44 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-05-16 06:29:44 ----A---- C:\windows\SYSWOW64\url.dll
2013-05-16 06:29:44 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-05-16 06:29:44 ----A---- C:\windows\system32\url.dll
2013-05-16 06:29:44 ----A---- C:\windows\system32\ieUnatt.exe
2013-05-16 06:29:44 ----A---- C:\windows\system32\ieui.dll
2013-05-16 06:29:43 ----A---- C:\windows\system32\urlmon.dll
2013-05-16 06:29:43 ----A---- C:\windows\system32\jscript9.dll
2013-05-16 06:29:42 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-05-16 06:29:42 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-05-16 06:29:42 ----A---- C:\windows\system32\wininet.dll
2013-05-16 06:29:42 ----A---- C:\windows\system32\msfeeds.dll
2013-05-16 06:29:41 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-05-16 06:29:41 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-05-16 06:29:41 ----A---- C:\windows\system32\vbscript.dll
2013-05-16 06:29:41 ----A---- C:\windows\system32\jsproxy.dll
2013-05-16 06:29:41 ----A---- C:\windows\system32\jscript.dll
2013-05-16 06:29:40 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-05-16 06:29:36 ----A---- C:\windows\system32\ieframe.dll
2013-05-16 06:29:35 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-05-15 21:52:01 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2013-05-15 21:52:01 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 21:52:01 ----A---- C:\windows\system32\cdd.dll
2013-05-15 21:51:42 ----A---- C:\windows\system32\shell32.dll
2013-05-15 21:51:41 ----A---- C:\windows\system32\authui.dll
2013-05-15 21:51:39 ----A---- C:\windows\system32\shdocvw.dll
2013-05-15 21:51:37 ----A---- C:\windows\SYSWOW64\shell32.dll
2013-05-15 21:51:37 ----A---- C:\windows\SYSWOW64\shdocvw.dll
2013-05-15 21:51:37 ----A---- C:\windows\SYSWOW64\authui.dll
2013-05-15 21:51:37 ----A---- C:\windows\system32\consent.exe
2013-05-15 21:51:37 ----A---- C:\windows\system32\appinfo.dll
2013-05-15 21:51:34 ----A---- C:\windows\system32\wwansvc.dll
2013-05-15 21:51:34 ----A---- C:\windows\system32\wwanprotdim.dll
2013-05-15 21:51:34 ----A---- C:\windows\system32\win32k.sys
2013-05-11 23:20:03 ----D---- C:\Users\Milan\AppData\Roaming\IrfanView
2013-05-09 08:10:29 ----D---- C:\Program Files (x86)\AAALOGO2010
2013-05-09 07:46:52 ----SHD---- C:\Config.Msi
2013-05-06 23:37:27 ----D---- C:\Program Files (x86)\AAALOGO

======List of files/folders modified in the last 1 month======

2013-06-04 18:59:22 ----D---- C:\Program Files\trend micro
2013-06-04 18:59:00 ----D---- C:\windows\Temp
2013-06-04 18:51:13 ----D---- C:\windows\Prefetch
2013-06-04 18:50:26 ----D---- C:\windows\System32
2013-06-04 18:50:26 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-06-04 18:48:02 ----D---- C:\windows\system32\config
2013-06-04 18:46:32 ----A---- C:\windows\SYSWOW64\log.txt
2013-06-04 18:44:26 ----D---- C:\ProgramData\HPQLOG
2013-06-04 16:45:58 ----SHD---- C:\windows\Installer
2013-06-04 16:45:56 ----D---- C:\windows\system32\Tasks
2013-06-04 16:45:56 ----D---- C:\windows\system32\drivers
2013-06-04 16:45:53 ----SD---- C:\Users\Milan\AppData\Roaming\Microsoft
2013-06-04 16:45:53 ----RD---- C:\Program Files
2013-06-04 16:45:40 ----SHD---- C:\System Volume Information
2013-06-04 16:45:31 ----D---- C:\Windows
2013-06-04 16:45:25 ----D---- C:\Program Files (x86)\Common Files
2013-06-04 16:25:30 ----RD---- C:\Program Files (x86)
2013-06-04 16:01:41 ----HD---- C:\ProgramData
2013-06-04 15:55:19 ----D---- C:\Users\Milan\AppData\Roaming\vlc
2013-06-04 15:53:31 ----D---- C:\ProgramData\Adobe
2013-06-04 15:53:31 ----D---- C:\Program Files (x86)\Adobe
2013-06-04 15:53:16 ----D---- C:\windows\SysWOW64
2013-06-04 15:08:40 ----D---- C:\windows\system32\catroot2
2013-06-04 15:02:33 ----D---- C:\windows\inf
2013-06-04 09:20:20 ----D---- C:\windows\Tasks
2013-06-04 09:10:33 ----SHD---- C:\$Recycle.Bin
2013-06-04 08:58:40 ----D---- C:\Users\Milan\AppData\Roaming\BitComet
2013-06-04 01:53:30 ----D---- C:\Downloads
2013-06-02 23:19:51 ----D---- C:\Users\Milan\AppData\Roaming\Skype
2013-06-01 16:15:20 ----D---- C:\windows\system32\wfp
2013-06-01 16:15:18 ----D---- C:\windows\system32\wbem
2013-06-01 16:14:49 ----D---- C:\windows\system32\DriverStore
2013-06-01 16:14:47 ----D---- C:\Users\Milan\AppData\Roaming\GHISLER
2013-06-01 16:14:46 ----D---- C:\windows\registration
2013-06-01 16:14:42 ----D---- C:\Users\Milan\AppData\Roaming\Foxit Software
2013-05-30 23:24:46 ----D---- C:\ProgramData\Microsoft Help
2013-05-30 11:23:34 ----D---- C:\ProgramData\Skype
2013-05-30 11:23:31 ----RD---- C:\Program Files (x86)\Skype
2013-05-23 13:16:24 ----D---- C:\windows\debug
2013-05-22 22:24:08 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-05-22 17:55:36 ----D---- C:\Users\Milan\AppData\Roaming\Mozilla
2013-05-20 20:54:00 ----D---- C:\windows\system32\NDF
2013-05-20 09:06:30 ----D---- C:\Users\Milan\AppData\Roaming\hpqLog
2013-05-18 13:57:07 ----D---- C:\Program Files (x86)\Google
2013-05-16 10:03:02 ----D---- C:\windows\rescache
2013-05-16 09:11:40 ----RSD---- C:\windows\assembly
2013-05-16 09:11:40 ----D---- C:\windows\Microsoft.NET
2013-05-16 06:55:53 ----D---- C:\windows\winsxs
2013-05-16 06:53:29 ----D---- C:\windows\SYSWOW64\migration
2013-05-16 06:53:29 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-05-16 06:53:29 ----D---- C:\windows\system32\migration
2013-05-16 06:53:29 ----D---- C:\windows\system32\cs-CZ
2013-05-16 06:53:29 ----D---- C:\windows\AppPatch
2013-05-16 06:53:29 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-16 06:53:28 ----D---- C:\Program Files\Internet Explorer
2013-05-16 06:34:49 ----A---- C:\windows\system32\MRT.exe
2013-05-16 06:30:35 ----D---- C:\windows\system32\catroot
2013-05-12 08:19:56 ----D---- C:\windows\twain_32
2013-05-12 08:19:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-05-11 22:54:36 ----D---- C:\Users\Milan\AppData\Roaming\Zoner
2013-05-09 08:01:17 ----D---- C:\Program Files\IDT
2013-05-09 08:01:17 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-05-09 08:01:14 ----D---- C:\windows\system32\SRSLabs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-03-16 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-03-30 168008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [2010-01-26 44576]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2012-07-19 126944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-03-16 43320]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-03 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2010-12-21 316080]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2011-03-22 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-26 12262336]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-20 109056]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1866080]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2011-03-04 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-09-16 392752]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S1 jtueyuvi;jtueyuvi; \??\C:\windows\system32\drivers\jtueyuvi.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-03-03 63336]
S3 EsgScanner;EsgScanner; C:\windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 22704]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 HTCAND64;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys []
S3 MsgPlusDriver;Messenger Plus! Virtual Camera; C:\windows\system32\DRIVERS\MsgPlusDriver.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\windows\System32\Drivers\RimUsb_AMD64.sys [2013-01-03 78336]
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-20 32768]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-30 951584]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-04-01 485712]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-03-18 132152]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-03-22 293944]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-03-16 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2011-01-20 980320]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-03-30 1318912]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2011-01-20 203104]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-05-07 1025408]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-03-04 297984]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-04-05 30776]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-29 799800]
S2 BrowserDefendert;BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2013-05-23 2827728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24 116648]
S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-22 256904]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-03-07 464512]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-15 641352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-12 117144]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-06-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Time2Groove · #2 Příspěvek od **Time2Groove** » 04 čer 2013 18:21

tak jiz scanuji s OTL

dikes...

Time2Groove · #3 Příspěvek od **Time2Groove** » 04 čer 2013 18:44

ready

OTL Extras logfile created on: 4.6.2013 19:15:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Milan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 41,23% Memory free
7,82 Gb Paging File | 4,59 Gb Available in Paging File | 58,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 251,61 Gb Total Space | 144,28 Gb Free Space | 57,34% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 194,05 Gb Free Space | 99,35% Space Free | Partition Type: NTFS
Drive E: | 13,55 Gb Total Space | 2,00 Gb Free Space | 14,74% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 4,97 Gb Free Space | 99,82% Space Free | Partition Type: FAT32

Computer Name: MILAN-HP | User Name: Milan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{D55CE2C5-59C2-48CB-873F-BBF4E631DFD6}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{3DC0C07E-D84F-48DA-B998-8B4D170C3A32}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50928788-ED14-4B45-97FF-EC3C4EC7BBC1}" = HP 3D DriveGuard
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}" = Validity Fingerprint Sensor Driver
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{7FCDABCC-1A1E-4D61-909D-BA9495172774}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87821717-5688-4AE6-887A-6B11571D0CD7}" = Embedded Security for HP ProtectTools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}" = Privacy Manager for HP ProtectTools
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCD55450-77AC-4347-B24F-654B1189F8D4}" = SpyHunter
"{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CD4F3229-4A37-463F-98A3-3DEEEEE8492C}" = HP Backlit Keyboard Controls
"{CF9ACC81-C8C3-4BD1-BD1F-FE13CF344E20}" = HP Power Assistant
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{D856C86A-6D49-4A32-BBC2-54714EAF2CA0}" = HP ProtectTools Security Manager
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{E6F19F75-2802-4E60-B04B-B7151BBEE53F}" = HP HotKey Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}" = Google Earth
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{5B2E4D40-16FA-40A0-B510-A50FA8F72D6A}" = ArcSoft Camera Suite
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}" = HP Documentation
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72CD20B8-55F3-4B4F-A44F-E381232E84ED}" = HP QuickWeb
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0017-0405-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Czech) 2010
"{90140000-0017-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{C9E849B3-ABF0-42E1-AD6F-2BB831396160}" = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.OMUI.cs-cz_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2010
"{90140000-0100-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{8C98465B-426D-489E-A943-8066AFE3975E}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2010
"{90140000-0101-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{39BD8052-FD8D-4D6A-9C62-FEDC4709DF07}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{954079D6-28E0-417D-AC43-F728E3CB7CE5}" = HP System Default Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A8406AA9-FC6C-449C-96D7-B4192C4306FE}" = Zimbra Desktop
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}" = HP Software Framework
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{cb41fc68-4442-4f7f-b22f-8f31c74897ac}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E6CBC979-E613-49E6-A37B-3C342DE35235}_is1" = PDF to Word
"{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant
"{EFCB119B-6A71-489F-A81A-61627969D35C}" = HP ESU for Microsoft Windows 7
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"AAA Logo 3.10 Business_is1" = AAA Logo Business Edition 3.10
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArcSoft Camera Suite" = ArcSoft Camera Suite
"BitComet_x64" = BitComet 1.34 64-bit
"Foxit Reader_is1" = Foxit Reader
"Freemake Video Converter_is1" = Freemake Video Converter verze 4.0.1
"KeePass Password Safe_is1" = KeePass Password Safe 1.25
"Mozilla Firefox 21.0 (x86 cs)" = Mozilla Firefox 21.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.OMUI.cs-cz" = Microsoft Office Language Pack 2010 - Czech/èeština
"Office14.SingleImage" = Microsoft Office 2010 pro podnikatele
"PowerISO" = PowerISO
"VIP Access SDK" = VIP Access SDK (1.0.0.55)
"VLC media player" = VLC media player 2.0.6
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4.6.2013 13:31:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0xc0c Čas spuštění chybující aplikace: 0x01ce6149477bb35e Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: 852ba954-cd3c-11e2-8dd9-402cf4783a4e

Error - 4.6.2013 13:32:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0x1710 Čas spuštění chybující aplikace: 0x01ce61496b3ee32c Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: a8eda09d-cd3c-11e2-8dd9-402cf4783a4e

Error - 4.6.2013 13:33:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0x1274 Čas spuštění chybující aplikace: 0x01ce61498f093f05 Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: ccb934fb-cd3c-11e2-8dd9-402cf4783a4e

Error - 4.6.2013 13:34:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0xff8 Čas spuštění chybující aplikace: 0x01ce6149b2c5df0a Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: f074ea9c-cd3c-11e2-8dd9-402cf4783a4e

Error - 4.6.2013 13:35:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0x1f4 Čas spuštění chybující aplikace: 0x01ce6149d68899a6 Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: 14373006-cd3d-11e2-8dd9-402cf4783a4e

Error - 4.6.2013 13:36:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0x1694 Čas spuštění chybující aplikace: 0x01ce6149fa69d934 Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: 3822f70c-cd3d-11e2-8dd9-402cf4783a4e

Error - 4.6.2013 13:37:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0x3f0 Čas spuštění chybující aplikace: 0x01ce614a1e6ad63a Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: 5c1cc807-cd3d-11e2-8dd9-402cf4783a4e

Error - 4.6.2013 13:38:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0x14d8 Čas spuštění chybující aplikace: 0x01ce614a41d3fdd6 Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: 7f829436-cd3d-11e2-8dd9-402cf4783a4e

Error - 4.6.2013 13:39:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0x1578 Čas spuštění chybující aplikace: 0x01ce614a65a1dc2c Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: a35aabe3-cd3d-11e2-8dd9-402cf4783a4e

Error - 4.6.2013 13:40:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0x860 Čas spuštění chybující aplikace: 0x01ce614a89a74612 Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: c75651a4-cd3d-11e2-8dd9-402cf4783a4e

Error - 4.6.2013 13:41:00 | Computer Name = Milan-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: BrowserDefender.exe, verze: 2.6.1339.144,
časové razítko: 0x519ddcdf Název chybujícího modulu: BrowserDefender.exe, verze:
2.6.1339.144, časové razítko: 0x519ddcdf Kód výjimky: 0x40000015 Posun chyby: 0x000f1790
ID
chybujícího procesu: 0x220 Čas spuštění chybující aplikace: 0x01ce614aad5259a5 Cesta
k chybující aplikaci: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
Cesta
k chybujícímu modulu: C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
ID
zprávy: eb0c13bf-cd3d-11e2-8dd9-402cf4783a4e

[ Hewlett-Packard Events ]
Error - 9.11.2012 7:29:45 | Computer Name = Milan-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\111209122942.xml
File not created by asset agent

Error - 12.4.2013 6:19:42 | Computer Name = Milan-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041312121939.xml
File not created by asset agent

Error - 26.4.2013 11:36:06 | Computer Name = Milan-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041326053600.xml
File not created by asset agent

[ HP Connection Manager Events ]
Error - 27.6.2012 12:33:08 | Computer Name = Milan-HP | Source = hpCMSrv | ID = 5
Description = 2012/06/27 18:33:08.261|000014F4|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ HP Power Assistant Events ]
Error - 28.6.2012 3:32:13 | Computer Name = Milan-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 28.6.2012 13:30:29 | Computer Name = Milan-HP | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 28.6.2012 13:30:29 | Computer Name = Milan-HP | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 28.6.2012 13:30:29 | Computer Name = Milan-HP | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Cíl vyvolání způsobil výjimku.ServiceWorkerMethod ABORTED!
-

Error - 28.6.2012 13:30:45 | Computer Name = Milan-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 28.6.2012 15:24:05 | Computer Name = Milan-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 28.6.2012 17:24:24 | Computer Name = Milan-HP | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 28.6.2012 17:24:24 | Computer Name = Milan-HP | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 28.6.2012 17:24:24 | Computer Name = Milan-HP | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Cíl vyvolání způsobil výjimku.ServiceWorkerMethod ABORTED!
-

Error - 28.6.2012 17:24:50 | Computer Name = Milan-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

[ Spybot - Search and Destroy Events ]
Error - 31.12.2012 8:23:48 | Computer Name = Milan-HP | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 24.1.2013 18:46:09 | Computer Name = Milan-HP | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 31.1.2013 20:03:18 | Computer Name = Milan-HP | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 26.5.2013 18:07:25 | Computer Name = Milan-HP | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 4.6.2013 3:53:34 | Computer Name = Milan-HP | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 4.6.2013 4:30:43 | Computer Name = Milan-HP | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

[ System Events ]
Error - 4.6.2013 13:37:00 | Computer Name = Milan-HP | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby BrowserDefendert bylo dosaženo časového
limitu (30000 ms).

Error - 4.6.2013 13:37:00 | Computer Name = Milan-HP | Source = Service Control Manager | ID = 7000
Description = Služba BrowserDefendert neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 4.6.2013 13:38:00 | Computer Name = Milan-HP | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby BrowserDefendert bylo dosaženo časového
limitu (30000 ms).

Error - 4.6.2013 13:38:00 | Computer Name = Milan-HP | Source = Service Control Manager | ID = 7000
Description = Služba BrowserDefendert neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 4.6.2013 13:39:00 | Computer Name = Milan-HP | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby BrowserDefendert bylo dosaženo časového
limitu (30000 ms).

Error - 4.6.2013 13:39:00 | Computer Name = Milan-HP | Source = Service Control Manager | ID = 7000
Description = Služba BrowserDefendert neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 4.6.2013 13:40:00 | Computer Name = Milan-HP | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby BrowserDefendert bylo dosaženo časového
limitu (30000 ms).

Error - 4.6.2013 13:40:00 | Computer Name = Milan-HP | Source = Service Control Manager | ID = 7000
Description = Služba BrowserDefendert neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 4.6.2013 13:41:00 | Computer Name = Milan-HP | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby BrowserDefendert bylo dosaženo časového
limitu (30000 ms).

Error - 4.6.2013 13:41:00 | Computer Name = Milan-HP | Source = Service Control Manager | ID = 7000
Description = Služba BrowserDefendert neuspěla při spuštění v důsledku následující
chyby: %%1053

< End of report >

Time2Groove · #4 Příspěvek od **Time2Groove** » 04 čer 2013 19:01

scan OTL.zip: (153.23 KiB) Staženo 65 x

Time2Groove · #5 Příspěvek od **Time2Groove** » 04 čer 2013 19:01

konecne se mi to podarilo - jsou tam oba logy

Time2Groove · #6 Příspěvek od **Time2Groove** » 04 čer 2013 19:07

prosim, te bud tak hodny, musim ted neplanovane odjet. Budu za hodku, pokud budes moct, nebo mi prosim, nech postup jak to vse odpalit do pryc.
Diky moc

M.

Time2Groove · #7 Příspěvek od **Time2Groove** » 04 čer 2013 19:33

stihl jsem to driv...takze vkladam log, co mi to vyplivlo

Error: Unable to interpret <DRIVES> in the current context!
Error: Unable to interpret <SHOWHIDDEN> in the current context!
Error: Unable to interpret <BASESERVICES> in the current context!
Error: Unable to interpret </md5start> in the current context!
Error: Unable to interpret <cngaudit.dll> in the current context!
Error: Unable to interpret <cryptsvc.dll> in the current context!
Error: Unable to interpret <eNetHook.dll> in the current context!
Error: Unable to interpret <eventlog.dll> in the current context!
Error: Unable to interpret <hal.dll> in the current context!
Error: Unable to interpret <netlogon.dll> in the current context!
Error: Unable to interpret <KR10N.dll> in the current context!
Error: Unable to interpret <scecli.dll> in the current context!
Error: Unable to interpret <user32.dll> in the current context!
Error: Unable to interpret <winsrv.dll> in the current context!
Error: Unable to interpret <ws2_32.dll> in the current context!
Error: Unable to interpret <autochk.exe> in the current context!
Error: Unable to interpret <cmd.exe> in the current context!
Error: Unable to interpret <csrss.exe> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
Error: Unable to interpret <lsass.exe> in the current context!
Error: Unable to interpret <ntkrnlpa.exe> in the current context!
Error: Unable to interpret <ntoskrnl.exe> in the current context!
Error: Unable to interpret <services.exe> in the current context!
Error: Unable to interpret <smss.exe> in the current context!
Error: Unable to interpret <spoolsv.exe> in the current context!
Error: Unable to interpret <svchost.exe> in the current context!
Error: Unable to interpret <regedit.exe> in the current context!
Error: Unable to interpret <userinit.exe> in the current context!
Error: Unable to interpret <winlogon.exe> in the current context!
Error: Unable to interpret <wscript.exe> in the current context!
Error: Unable to interpret <afd.sys> in the current context!
Error: Unable to interpret <adp3132.sys> in the current context!
Error: Unable to interpret <acpi.sys> in the current context!
Error: Unable to interpret <AGP440.sys> in the current context!
Error: Unable to interpret <ahcix86.sys> in the current context!
Error: Unable to interpret <ahcix86s.sys> in the current context!
Error: Unable to interpret <atapi.sys> in the current context!
Error: Unable to interpret <cdrom.sys > in the current context!
Error: Unable to interpret <Changer.sys> in the current context!
Error: Unable to interpret <fastfat.sys> in the current context!
Error: Unable to interpret <i8042prt.sys> in the current context!
Error: Unable to interpret <iaStor.sys> in the current context!
Error: Unable to interpret <iastorv.sys> in the current context!
Error: Unable to interpret <IdeChnDr.sys> in the current context!
Error: Unable to interpret <isapnp.sys > in the current context!
Error: Unable to interpret <JakNDis.sys> in the current context!
Error: Unable to interpret <kbdclass.sys> in the current context!
Error: Unable to interpret <KR10N.sys> in the current context!
Error: Unable to interpret <mv61xx.sys> in the current context!
Error: Unable to interpret <ndis.sys> in the current context!
Error: Unable to interpret <ntfs.sys> in the current context!
Error: Unable to interpret <nvata.sys> in the current context!
Error: Unable to interpret <nvatabus.sys> in the current context!
Error: Unable to interpret <nvgts.sys> in the current context!
Error: Unable to interpret <nvraid.sys > in the current context!
Error: Unable to interpret <nvrd32.sys > in the current context!
Error: Unable to interpret <nvstor.sys> in the current context!
Error: Unable to interpret <nvstor32.sys> in the current context!
Error: Unable to interpret <symmpi.sys> in the current context!
Error: Unable to interpret <tcpip.sys> in the current context!
Error: Unable to interpret <tdx.sys> in the current context!
Error: Unable to interpret <vaxscsi.sys> in the current context!
Error: Unable to interpret <viamraid.sys> in the current context!
Error: Unable to interpret <viasraid.sys> in the current context!
Error: Unable to interpret <ViPrt.sys> in the current context!
Error: Unable to interpret <Win32k.sys> in the current context!
Error: Unable to interpret <Wdf01000.sys> in the current context!
Error: Unable to interpret </md5stop> in the current context!
Error: Unable to interpret <%systemroot%\system32\logevent.dll /md5> in the current context!
Error: Unable to interpret <%systemroot%\system32\sceclt.dll /md5> in the current context!
Error: Unable to interpret <%systemroot%\system32\ntelogon.dll /md5> in the current context!
Error: Unable to interpret <%systemroot%\system32\consrv.dll /md5> in the current context!
Error: Unable to interpret <%systemroot%\system32\logevent.dll /md5 /64> in the current context!
Error: Unable to interpret <%systemroot%\system32\sceclt.dll /md5 /64> in the current context!
Error: Unable to interpret <%systemroot%\system32\ntelogon.dll /md5 /64> in the current context!
Error: Unable to interpret <%systemroot%\system32\consrv.dll /md5 /64> in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /md5> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.sys /md5> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /md5> in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /md5 /64> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.sys /md5 /64> in the current context!
Error: Unable to interpret <%SystemDrive%\PhysicalMBR.bin /md5> in the current context!
Error: Unable to interpret <%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5> in the current context!
Error: Unable to interpret <%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5> in the current context!
Error: Unable to interpret <%PROGRAMFILES%\Opera\opera.exe /md5> in the current context!
Error: Unable to interpret <%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5> in the current context!
Error: Unable to interpret <%systemroot%\system32\Spool\prtprocs\*.* /s> in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /10> in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /X > in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.* /10> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.* /lockedfiles> in the current context!
Error: Unable to interpret <%systemroot%\system32\config\*.sav > in the current context!
Error: Unable to interpret <c:\$Recycle.Bin|L,N,U,@;true;true;true /FN> in the current context!
Error: Unable to interpret <c:\Windows\Installer|L,N,U,@;true;true;true /FN> in the current context!
Error: Unable to interpret <%systemroot%\Tasks\*.job> in the current context!
Error: Unable to interpret <%systemroot%\*.* /U /s> in the current context!
Error: Unable to interpret <%systemroot%\*. /rp /s> in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Data Aplikací\*.*> in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Data Aplikací\*.exe /s> in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Nabídka Start\*.lnk /x> in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Data Aplikácií\*.*> in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Data Aplikácií\*.exe /s> in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.> in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s> in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Start Menu\*.lnk /x> in the current context!
Error: Unable to interpret <%APPDATA%\*.> in the current context!
Error: Unable to interpret <%APPDATA%\*.*> in the current context!
Error: Unable to interpret <%APPDATA%\*.exe /s> in the current context!
Error: Unable to interpret <%SYSTEMDRIVE%\*.exe> in the current context!
Error: Unable to interpret <%systemroot%\system32|bak;true;false;false /fp> in the current context!
Error: Unable to interpret <%PROGRAMFILES%|bak;true;false;false /fp> in the current context!
Error: Unable to interpret <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc /s> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s> in the current context!
Error: Unable to interpret <reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c> in the current context!
Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c> in the current context!
Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c> in the current context!
Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c> in the current context!
Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c> in the current context!
Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" /v Windows /c> in the current context!
Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs" /c> in the current context!
Error: Unable to interpret <type c:\boot.ini >> test.txt /c> in the current context!
Error: Unable to interpret <bcdedit /enum all /v >C:\boot.txt /c> in the current context!
Error: Unable to interpret <type C:\boot.txt >> test1.txt /c> in the current context!
Error: Unable to interpret <echo list vol > C:\prikaz.txt | diskpart /s C:\prikaz.txt > C:\test2.txt /c> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 06042013_203147

Time2Groove · #8 Příspěvek od **Time2Groove** » 04 čer 2013 19:37

tohle se mi automaticky otevrelo po klik na opravit. Takze udelam jeste jeden scan - ok?

Time2Groove · #9 Příspěvek od **Time2Groove** » 04 čer 2013 19:48

OK jsem u PC:-)

Time2Groove · #10 Příspěvek od **Time2Groove** » 04 čer 2013 19:54

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AAA1D59F-0BE6-4EA5-90D2-6778F8540BF5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AAA1D59F-0BE6-4EA5-90D2-6778F8540BF5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
Use Chrome's Settings page to remove the default_search_provider items.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AudioCodec scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AudioCodec scheduled to be deleted on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll deleted successfully.
c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hijackthis.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\housecalllauncher.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hijackthis.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\housecalllauncher.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd.exe\ not found.
C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender folder moved successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings folder moved successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension folder moved successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} folder moved successfully.
C:\ProgramData\BrowserDefender\2.6.1339.144 folder moved successfully.
C:\ProgramData\BrowserDefender folder moved successfully.
C:\Windows\SysNative\roboot64.exe moved successfully.
C:\Users\Milan\AppData\Roaming\systweak folder moved successfully.
========== REGISTRY ==========
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AudioCodec scheduled to be deleted on reboot.
========== FILES ==========
Folder C:\ProgramData\AudioCodec0 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 58264 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Milan
->Temp folder emptied: 64294947 bytes
->Temporary Internet Files folder emptied: 3351368 bytes
->Java cache emptied: 6582129 bytes
->FireFox cache emptied: 38007278 bytes
->Google Chrome cache emptied: 173990019 bytes
->Flash cache emptied: 58822 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 190411 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4951190 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 4978621 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36114617 bytes
RecycleBin emptied: 86735124 bytes

Total Files Cleaned = 400,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 06042013_205126

Files\Folders moved on Reboot...
C:\Users\Milan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJR0WM8N\index[1].htm moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AudioCodec deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AudioCodec deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AudioCodec not found.

Time2Groove · #11 Příspěvek od **Time2Groove** » 04 čer 2013 19:54

podle tveho pokynu ...

Time2Groove · #12 Příspěvek od **Time2Groove** » 04 čer 2013 20:43

ale porad tam to svinstvo je

Time2Groove · #13 Příspěvek od **Time2Groove** » 05 čer 2013 14:02

opraveno dle tvych instrukci a vkladam log z MBAM

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.06.05.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Milan :: MILAN-HP [administrátor]

Ochrana: Povolena

5.6.2013 14:55:39
mbam-log-2013-06-05 (14-55-39).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 228233
Uplynulý čas: 3 minut, 37 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Time2Groove · #14 Příspěvek od **Time2Groove** » 05 čer 2013 14:05

vkladam log z RogueKiller...
a sorry ja mysle, ze jsi se na mne vykaslal...omlouvam se

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Milan [Práva správce]
Mód : Odebrat -- Datum : 06/05/2013 15:04:17
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : AudioCodec ("C:\ProgramData\AudioCodec0\mwvaztybt.exe") [-] -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\RunOnce : AudioCodec (C:\ProgramData\AudioCodec0\mwvaztybt.exe) [-] -> VYMAZÁNO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9500423AS +++++
--- User ---
[MBR] e3cc49c686de3782f76e401880241eab
[BSP] 8e2f6399ad73977971f063f0b5eefe7f : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo
1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 616448 | Size: 257644 Mo
3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 528271360 | Size: 218994 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] ca28ab1ad38243aa7f99841226fd3962
[BSP] ea83b6a3ec8aa51cf5d1aede348ee10f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 616448 | Size: 61440 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 126445568 | Size: 40000 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 208365568 | Size: 1000 Mo

Dokončeno : << RKreport[1]_D_06052013_02d1504.txt >>
RKreport[1]_D_06052013_02d1504.txt

Time2Groove · #15 Příspěvek od **Time2Groove** » 05 čer 2013 16:08

OK, super promin

zacnu tedy s combofixem

VIRY.CZ

Delta search

Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search

Re: Delta search