Kolega je v koncích s virem policie. Podařilo se mi to rozchodit v nouzovém režimu a dávám log.
Prosím o pomoc
Logfile of random's system information tool 1.09 (written by random/random)
Run by pavel at 2013-06-21 19:07:35
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 182 GB (61%) free of 297 GB
Total RAM: 1790 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:08:05, on 21.6.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16490)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\config\systemprofile\Desktop\RSIT.exe
C:\Program Files\trend micro\pavel.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - (no file)
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - (no file)
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Fe0uUA1mlrHyN] C:\Users\pavel\AppData\Local\Ylapdvx.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\wi9130~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9616 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2462045333-1167312747-2157866890-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2462045333-1167312747-2157866890-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{72EAAE9A-2B44-41A7-B8B4-B613498E160D}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
C:\PROGRA~1\SITERA~1\SiteRank.dll [2009-10-08 311808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}]
Searchqu Toolbar - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll [2010-02-10 87488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
C:\PROGRA~1\INBOXT~1\Inbox.dll [2009-09-07 576000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-30 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
BandooIEPlugin Class - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll [2011-01-13 2444688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2011-02-28 1048888]
{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2009-09-07 576000]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
{7FF99715-3016-4381-84CE-E4E4C9673020} - Searchqu Toolbar - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll [2010-02-10 87488]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
""= []
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"Fe0uUA1mlrHyN"=C:\Users\pavel\AppData\Local\Ylapdvx.exe [2013-06-14 146432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
C:\PROGRA~1\AVG\AVG9\avgtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2008-09-23 468264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteRanker]
C:\Program Files\SiteRanker\SiteRankTray.exe [2009-10-08 273920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-30 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall_CToolbar]
C:\Users\pavel\AppData\Local\Temp\CUninst.exe /remove []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]
C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\wi9130~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-06-21 19:07:35 ----D---- C:\Program Files\trend micro
2013-06-21 19:07:34 ----D---- C:\rsit
2013-06-21 19:04:41 ----D---- C:\Windows\system32\config\systemprofile\AppData\Roaming\Macromedia
2013-06-21 19:04:11 ----D---- C:\Windows\system32\config\systemprofile\AppData\Roaming\Adobe
2013-06-20 12:30:02 ----SHD---- C:\Config.Msi
2013-06-20 11:41:41 ----D---- C:\174f0707abb25efe9f9b3014795fb3bb
2013-06-15 11:10:05 ----A---- C:\Windows\ntbtlog.txt
2013-06-13 03:06:41 ----A---- C:\Windows\system32\mshtmled.dll
2013-06-13 03:06:40 ----A---- C:\Windows\system32\vbscript.dll
2013-06-13 03:06:38 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-13 03:06:38 ----A---- C:\Windows\system32\ieUnatt.exe
2013-06-13 03:06:38 ----A---- C:\Windows\system32\ieui.dll
2013-06-13 03:06:37 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-13 03:06:36 ----A---- C:\Windows\system32\wininet.dll
2013-06-13 03:06:36 ----A---- C:\Windows\system32\jscript.dll
2013-06-13 03:06:35 ----A---- C:\Windows\system32\url.dll
2013-06-13 03:06:35 ----A---- C:\Windows\system32\jscript9.dll
2013-06-13 03:06:34 ----A---- C:\Windows\system32\iertutil.dll
2013-06-13 03:06:33 ----A---- C:\Windows\system32\urlmon.dll
2013-06-13 03:06:31 ----A---- C:\Windows\system32\ieframe.dll
2013-06-13 03:06:30 ----A---- C:\Windows\system32\mshtml.dll
2013-06-12 05:26:40 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-06-12 05:26:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 05:26:37 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 05:26:37 ----A---- C:\Windows\system32\printcom.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 05:26:34 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 05:26:29 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-06-12 05:26:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-06-12 05:25:45 ----A---- C:\Windows\system32\cryptdlg.dll
======List of files/folders modified in the last 1 month======
2013-06-21 19:07:35 ----RD---- C:\Program Files
2013-06-21 19:04:55 ----D---- C:\Windows\System32
2013-06-21 19:04:55 ----D---- C:\Windows\inf
2013-06-21 19:04:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-06-21 18:57:21 ----D---- C:\Windows\Temp
2013-06-20 12:32:16 ----SHD---- C:\Windows\Installer
2013-06-20 12:31:50 ----RSD---- C:\Windows\assembly
2013-06-20 12:30:57 ----D---- C:\Windows\Prefetch
2013-06-20 11:41:31 ----SHD---- C:\System Volume Information
2013-06-15 11:54:59 ----D---- C:\Windows\system32\LogFiles
2013-06-15 11:11:42 ----SD---- C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft
2013-06-15 11:10:05 ----D---- C:\Windows
2013-06-13 05:28:08 ----D---- C:\Windows\rescache
2013-06-13 05:02:55 ----D---- C:\Windows\system32\migration
2013-06-13 05:02:55 ----D---- C:\Windows\system32\drivers
2013-06-13 05:02:54 ----D---- C:\Program Files\Internet Explorer
2013-06-13 05:02:52 ----D---- C:\Windows\system32\sk-SK
2013-06-13 05:02:52 ----D---- C:\Windows\system32\en-US
2013-06-13 05:02:52 ----D---- C:\Windows\system32\cs-CZ
2013-06-13 03:07:40 ----D---- C:\Windows\winsxs
2013-06-13 03:07:13 ----D---- C:\Windows\system32\catroot
2013-06-13 03:07:12 ----D---- C:\Windows\system32\catroot2
2013-06-11 21:34:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-06-02 17:21:30 ----A---- C:\Windows\system32\mrt.exe
2013-06-02 11:17:42 ----D---- C:\Program Files\Microsoft Office
2013-06-02 11:17:41 ----RSD---- C:\Windows\Fonts
2013-06-02 11:17:24 ----D---- C:\Program Files\Common Files\microsoft shared
2013-06-02 11:16:09 ----D---- C:\Program Files\MSECache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-25 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-09-19 61952]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
S2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
S2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-06-05 222208]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-12-13 102784]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2008-12-30 103040]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
S2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2011-01-13 1960336]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-05 135664]
S2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2011-02-28 247096]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
S2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-09-15 241734]
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
S2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11 256904]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-05 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-19 194032]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 553440]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-06-08 153808]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-06-21 435008]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
PČR opět v akci
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: PČR opět v akci
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: PČR opět v akci
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-06-2013 02
Ran by pavel (administrator) on 21-06-2013 19:36:26
Running from F:\
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Safe Mode (minimal)
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\system32\cmd.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [13797920 2009-07-23] (NVIDIA Corporation)
HKLM\...\Run: [] [x]
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [Fe0uUA1mlrHyN] C:\Users\pavel\AppData\Local\Ylapdvx.exe [146432 2013-06-14] ()
HKU\pavel\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [ 2012-07-13] (Skype Technologies S.A.)
HKU\pavel\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\pavel\...\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4 [ 2011-03-01] (ICQ, LLC.)
HKU\pavel\...\Run: [Facebook Update] "C:\Users\pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [ 2012-07-12] (Facebook Inc.)
HKU\pavel\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-21] (Microsoft Corporation)
HKU\pavel\...\Run: [Fe0uUA1mlrHyN] C:\Users\pavel\AppData\Local\Ylapdvx.exe [ 2013-06-14] ()
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - {89F0EFA3-627F-4666-B6B5-BA622E51008A} URL = http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
SearchScopes: HKLM - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu.com/web?src=ieb&sys ... earchTerms}
HKCU SearchScopes: DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll (Crawler, LLC)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - No File
BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - No File
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
BHO: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: BandooIEPlugin Class - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - No Name - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No File
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
========================== Services (Whitelisted) =================
S2 Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [1960336 2011-01-13] (Bandoo Media Inc.)
S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard)
S2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [247096 2011-02-28] ()
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
S2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
S2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] ()
S3 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [153808 2010-06-08] (Avanquest Software)
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435008 2011-06-21] (TuneUp Software)
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1051968 2010-07-06] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [103040 2008-12-30] (Huawei Technologies Co., Ltd.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation)
S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2010-02-25] (TuneUp Software)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
========================== Drivers MD5 =======================
C:\Windows\System32\drivers\acpi.sys 82B296AE1892FE3DBEE00C9CF92F8AC7
C:\Windows\System32\drivers\adp94xx.sys 04F0FCAC69C7C71A3AC4EB97FAFC8303
C:\Windows\System32\drivers\adpahci.sys 60505E0041F7751BDBB80F88BF45C2CE
C:\Windows\System32\drivers\adpu160m.sys 8A42779B02AEC986EAB64ECFC98F8BD7
C:\Windows\System32\drivers\adpu320.sys 241C9E37F8CE45EF51C3DE27515CA4E5
C:\Windows\system32\drivers\afd.sys 3911B972B55FEA0478476B2E777B29FA
C:\Windows\system32\drivers\agp440.sys 13F9E33747E6B41A3FF305C37DB0D360
C:\Windows\System32\drivers\djsvs.sys ==> MD5 is legit
C:\Windows\System32\drivers\aliide.sys 3D76FDA1A10ACC3DC84728F55C29B6D4
C:\Windows\system32\drivers\amdagp.sys C47344BC706E5F0B9DCE369516661578
C:\Windows\System32\drivers\amdide.sys 5B92E7839F5A1FBC1B39DE67758AD6F8
C:\Windows\system32\drivers\amdk7.sys 18F29B49AD23ECEE3D2A826C725C8D48
C:\Windows\system32\drivers\amdk8.sys 93AE7F7DD54AB986A6F1A1B37BE7442D
C:\Windows\System32\drivers\arc.sys 5D2888182FB46632511ACEE92FDAD522
C:\Windows\System32\drivers\arcsas.sys 5E2A321BD7C8B3624E41FDEC3E244945
C:\Windows\System32\DRIVERS\asyncmac.sys 53B202ABEE6455406254444303E87BE1
C:\Windows\System32\drivers\atapi.sys 1F05B78AB91C9075565A9D8A4B880BC4
C:\Windows\System32\DRIVERS\athr.sys 600EFE56F37ADBD65A0FB076B50D1B8D
C:\Windows\System32\Drivers\Beep.sys 67E506B75BD5326A3EC7B70BD014DFB6
C:\Windows\system32\drivers\blbdrive.sys D4DF28447741FD3D953526E33A617397
C:\Windows\System32\DRIVERS\bowser.sys 35F376253F687BDE63976CCB3F2108CA
C:\Windows\system32\drivers\brfiltlo.sys ==> MD5 is legit
C:\Windows\system32\drivers\brfiltup.sys ==> MD5 is legit
C:\Windows\system32\drivers\brserid.sys ==> MD5 is legit
C:\Windows\system32\drivers\brserwdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbmdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbser.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys 7ADD03E75BEB9E6DD102C3081D29840A
C:\Windows\System32\DRIVERS\cdrom.sys 6B4BFFB9BECD728097024276430DB314
C:\Windows\system32\drivers\circlass.sys E5D4133F37219DBCFE102BC61072589D
C:\Windows\System32\CLFS.sys D7659D3B5B92C31E84E53C1431F35132
C:\Windows\System32\DRIVERS\CmBatt.sys 99AFC3795B58CC478FBBBCDC658FCB56
C:\Windows\System32\drivers\cmdide.sys D36372A6EA6805EFBE8884D10772313F
C:\Windows\System32\drivers\CHDRT32.sys 1ADF6F4852E7D7E2E8AC481BDB970586
C:\Windows\System32\DRIVERS\compbatt.sys 6AFEF0B60FA25DE07C0968983EE4F60A
C:\Windows\System32\drivers\crcdisk.sys 741E9DFF4F42D2D8477D0FC1DC0DF871
C:\Windows\system32\drivers\crusoe.sys 1F07BECDCA750766A96CDA811BA86410
C:\Windows\System32\Drivers\dfsc.sys 622C41A07CA7E6DD91770F50D532CB6C
C:\Windows\System32\drivers\disk.sys 5D4AEFC3386920236A548271F8F1AF6A
C:\Windows\System32\drivers\drmkaud.sys 97FEF831AB90BEE128C9AF390E243F80
C:\Windows\System32\drivers\dxgkrnl.sys 5DE0FAEC9E5D1AAE74F8568897891A01
C:\Windows\System32\DRIVERS\E1G60I32.sys 5425F74AC0C1DBD96A1E04F17D63F94C
C:\Windows\System32\drivers\ecache.sys 7F64EA048DCFAC7ACF8B4D7B4E6FE371
C:\Windows\System32\drivers\elxstor.sys 23B62471681A124889978F6295B3F4C6
C:\Windows\system32\drivers\errdev.sys 3DB974F3935483555D7148663F726C61
C:\Windows\System32\Drivers\exfat.sys 22B408651F9123527BCEE54B4F6C5CAE
C:\Windows\System32\Drivers\fastfat.sys 1E9B9A70D332103C52995E957DC09EF8
C:\Windows\System32\DRIVERS\fdc.sys AFE1E8B9782A0DD7FB46BBD88E43F89A
C:\Windows\System32\drivers\fileinfo.sys A8C0139A884861E3AAE9CFE73B208A9F
C:\Windows\System32\drivers\filetrace.sys 0AE429A696AECBC5970E3CF2C62635AE
C:\Windows\System32\DRIVERS\flpydisk.sys 85B7CF99D532820495D68D747FDA9EBD
C:\Windows\System32\drivers\fltmgr.sys 01334F9EA68E6877C4EF05D3EA8ABB05
C:\Windows\System32\DRIVERS\fssfltr.sys D909075FA72C090F27AA926C32CB4612
C:\Windows\System32\Drivers\Fs_Rec.sys B972A66758577E0BFD1DE0F91AAA27B5
C:\Windows\system32\drivers\gagp30kx.sys 34582A6E6573D54A07ECE5FE24A126B5
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys 062452B7FFD68C8C042A6261FE8DFF4A
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys CCA4B519B17E23A00B826C55716809CC
C:\Windows\System32\drivers\hpcisss.sys 16EE7B23A009E00D835CDB79574A91A6
C:\Windows\System32\DRIVERS\HpqKbFiltr.sys 35956140E686D53BF676CF0C778880FC
C:\Windows\System32\DRIVERS\HSX_DPV.sys CC267848CB3508E72762BE65734E764D
C:\Windows\System32\DRIVERS\HSXHWAZL.sys A2882945CC4B6E3E4E9E825590438888
C:\Windows\System32\drivers\HTTP.sys F870AA3E254628EBEAFE754108D664DE
C:\Windows\System32\DRIVERS\ewusbmdm.sys 92CA47DA32009CCC00A5ADED04ABBD78
C:\Windows\System32\DRIVERS\ewusbfake.sys 1D4D6D24256F61E6B08A3CF8184A78B8
C:\Windows\System32\drivers\i2omp.sys C6B032D69650985468160FC9937CF5B4
C:\Windows\System32\DRIVERS\i8042prt.sys 22D56C8184586B7A1F6FA60BE5F5A2BD
C:\Windows\System32\drivers\iastorv.sys 54155EA1B0DF185878E0FC9EC3AC3A14
C:\Windows\System32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelide.sys DD512A049BD7B4BCE8A83554C5EFF2C1
C:\Windows\System32\DRIVERS\intelppm.sys 224191001E78C89DFA78924C3EA595FF
C:\Windows\System32\DRIVERS\ipfltdrv.sys 62C265C38769B864CB25B4BCF62DF6C3
C:\Windows\system32\drivers\ipmidrv.sys B25AAF203552B7B3491139D582B39AD1
C:\Windows\System32\DRIVERS\ipnat.sys 8793643A67B42CEC66490B2A0CF92D68
C:\Windows\System32\drivers\irenum.sys 109C0DFB82C3632FBD11949B73AEEAC9
C:\Windows\System32\drivers\isapnp.sys 6C70698A3E5C4376C6AB5C7C17FB0614
C:\Windows\System32\DRIVERS\msiscsi.sys 232FA340531D940AAC623B121A595034
C:\Windows\System32\drivers\iteatapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\iteraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys 37605E0A8CF00CBBA538E753E4344C6E
C:\Windows\system32\drivers\kbdhid.sys 18247836959BA67E3511B62846B9C2E0
C:\Windows\System32\Drivers\ksecdd.sys 4A1445EFA932A3BAF5BDB02D7131EE20
C:\Windows\System32\DRIVERS\lltdio.sys D1C5883087A0C3F1344D9D55A44901F6
C:\Windows\System32\drivers\lsi_fc.sys C7E15E82879BF3235B559563D4185365
C:\Windows\System32\drivers\lsi_sas.sys EE01EBAE8C9BF0FA072E0FF68718920A
C:\Windows\System32\drivers\lsi_scsi.sys 912A04696E9CA30146A62AFA1463DD5C
C:\Windows\system32\drivers\luafv.sys 8F5C7426567798E62A3B3614965D62CC
C:\Windows\System32\DRIVERS\mdmxsdk.sys 0CEA2D0D3FA284B85ED5B68365114F76
C:\Windows\System32\drivers\megasas.sys 0001CE609D66632FA17B84705F658879
C:\Windows\System32\drivers\megasr.sys C252F32CD9A49DBFC25ECF26EBD51A99
C:\Windows\System32\drivers\modem.sys E13B5EA0F51BA5B1512EC671393D09BA
C:\Windows\System32\DRIVERS\monitor.sys 0A9BB33B56E294F686ABB7C1E4E2D8A8
C:\Windows\System32\DRIVERS\mouclass.sys 5BF6A1326A335C5298477754A506D263
C:\Windows\System32\DRIVERS\mouhid.sys 93B8D4869E12CFBE663915502900876F
C:\Windows\System32\drivers\mountmgr.sys BDAFC88AA6B92F7842416EA6A48E1600
C:\Windows\System32\DRIVERS\MpFilter.sys CF105EE42E3F71E648CEBB3F666E1CF0
C:\Windows\System32\drivers\mpio.sys 511D011289755DD9F9A7579FB0B064E6
C:\Windows\System32\drivers\mpsdrv.sys 22241FEBA9B2DEFA669C8CB0A8DD7D2E
C:\Windows\System32\drivers\mraid35x.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 82CEA0395524AACFEB58BA1448E8325C
C:\Windows\System32\DRIVERS\mrxsmb.sys 1E94971C4B446AB2290DEB71D01CF0C2
C:\Windows\System32\DRIVERS\mrxsmb10.sys 4FCCB34D793B116423209C0F8B7A3B03
C:\Windows\System32\DRIVERS\mrxsmb20.sys C3CB1B40AD4A0124D617A1199B0B9D7C
C:\Windows\System32\drivers\msahci.sys AA305CFF241DA187BD5077DE4A2A043D
C:\Windows\System32\drivers\msdsm.sys 4468B0F385A86ECDDAF8D3CA662EC0E7
C:\Windows\System32\Drivers\Msfs.sys A9927F4A46B816C92F461ACB90CF8515
C:\Windows\System32\drivers\msisadrv.sys 0F400E306F385C56317357D6DEA56F62
C:\Windows\System32\drivers\MSKSSRV.sys D8C63D34D9C9E56C059E24EC7185CC07
C:\Windows\System32\drivers\MSPCLOCK.sys 1D373C90D62DDB641D50E55B9E78D65E
C:\Windows\System32\drivers\MSPQM.sys B572DA05BF4E098D4BBA3A4734FB505B
C:\Windows\System32\Drivers\MsRPC.sys B49456D70555DE905C311BCDA6EC6ADB
C:\Windows\System32\DRIVERS\mssmbios.sys E384487CB84BE41D09711C30CA79646C
C:\Windows\System32\drivers\MSTEE.sys 7199C1EEC1E4993CAF96B8C0A26BD58A
C:\Windows\System32\Drivers\mup.sys 6A57B5733D4CB702C8EA4542E836B96C
C:\Windows\System32\DRIVERS\nwifi.sys 85C44FDFF9CF7E72A40DCB7EC06A4416
C:\Windows\System32\drivers\ndis.sys 1357274D1883F68300AEADD15D7BBB42
C:\Windows\System32\DRIVERS\ndistapi.sys 0E186E90404980569FB449BA7519AE61
C:\Windows\System32\DRIVERS\ndisuio.sys D6973AA34C4D5D76C0430B181C3CD389
C:\Windows\System32\DRIVERS\ndiswan.sys 818F648618AE34F729FDB47EC68345C3
C:\Windows\System32\Drivers\NDProxy.sys 71DAB552B41936358F3B541AE5997FB3
C:\Windows\System32\DRIVERS\netbios.sys BCD093A5A6777CF626434568DC7DBA78
C:\Windows\System32\DRIVERS\netbt.sys ECD64230A59CBD93C85F1CD1CAB9F3F6
C:\Windows\System32\DRIVERS\NETw3v32.sys 35D5458D9A1B26B2005ABFFBF4C1C5E7
C:\Windows\System32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys 832E098BCA8235436FE2D8AE50AC3718
C:\Windows\System32\drivers\ccdcmb.sys B0A67DE1A128389AEA4D42C5A56215FD
C:\Windows\System32\drivers\ccdcmbo.sys 025C54F9F8C8BC1894EA38529C742C54
C:\Windows\System32\Drivers\Npfs.sys D36F239D7CCE1931598E8FB90A0DBC26
C:\Windows\System32\drivers\nsiproxy.sys 609773E344A97410CE4EBF74A8914FCF
C:\Windows\System32\Drivers\Ntfs.sys 2C1121F2B87E9A6B12485DF53CD848C7
C:\Windows\system32\drivers\ntrigdigi.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Null.sys C5DBBCDA07D780BDA9B685DF333BB41E
C:\Windows\System32\DRIVERS\nvmfdx32.sys AE78A7285DF03A277415FC62F8CE8F24
C:\Windows\System32\drivers\nvhda32v.sys B0DD52428BF564F5FC5EE331060BE2A6
C:\Windows\System32\DRIVERS\nvlddmkm.sys 9DAC05D828E56801FD6CE5FDFCED64AF
C:\Windows\System32\drivers\nvraid.sys 2EDF9E7751554B42CBB60116DE727101
C:\Windows\System32\DRIVERS\nvsmu.sys 0FB6BF3AB170FC5BD403D25E134EAFDE
C:\Windows\System32\drivers\nvstor.sys ABED0C09758D1D97DB0042DBB2688177
C:\Windows\system32\drivers\nv_agp.sys 18BBDF913916B71BD54575BDB6EEAC0B
C:\Windows\System32\DRIVERS\ohci1394.sys 790E27C3DB53410B40FF9EF2FD10A1D9
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys B9C2B89F08670E159F7181891E449CD9
C:\Windows\system32\drivers\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys 941DC1D19E7E8620F40BBC206981EFDB
C:\Windows\System32\drivers\pciide.sys 1636D43F10416AEB483BC6001097B26C
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ECFFFAEC0C1ECD8DBC77F39070EA1DB1
C:\Windows\System32\DRIVERS\processr.sys 2027293619DD0F047C584CF2E7DF4FFD
C:\Windows\System32\DRIVERS\pacer.sys 99514FAA8DF93D34B5589187DB3AA0BA
C:\Windows\System32\drivers\ql2300.sys 0A6DB55AFB7820C99AA1F3A1D270F4F6
C:\Windows\System32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys 9F5E0E1926014D17486901C88ECA2DB7
C:\Windows\System32\DRIVERS\rasacd.sys 147D7F9C556D259924351FEB0DE606C3
C:\Windows\System32\DRIVERS\rasl2tp.sys A214ADBAF4CB47DD2728859EF31F26B0
C:\Windows\System32\DRIVERS\raspppoe.sys 509A98DD18AF4375E1FC40BC175F1DEF
C:\Windows\System32\DRIVERS\rassstp.sys 2005F4A1E05FA09389AC85840F0A9E4D
C:\Windows\System32\DRIVERS\rdbss.sys B14C9D5B9ADD2F84F70570BBBFAA7935
C:\Windows\System32\DRIVERS\RDPCDD.sys 89E59BE9A564262A3FB6C4F4F1CD9899
C:\Windows\system32\drivers\rdpdr.sys FBC0BACD9C3D7F6956853F64A66E252D
C:\Windows\System32\drivers\rdpencdd.sys 9D91FE5286F748862ECFFA05F8A0710C
C:\Windows\System32\Drivers\RDPWD.sys C127EBD5AFAB31524662C48DFCEB773A
C:\Windows\System32\DRIVERS\rspndr.sys 9C508F4074A39E8B4B31D27198146FAD
C:\Windows\System32\drivers\RTSTOR.SYS 8DAB5975B5C7923D61506A48E251DBAD
C:\Windows\System32\DRIVERS\s1039bus.sys D0EEDC88876B20D42157CDCCA3E647F3
C:\Windows\System32\DRIVERS\s1039mdfl.sys 7B35091A7BB597C86262C589B0B57D06
C:\Windows\System32\DRIVERS\s1039mdm.sys 4CB1AB13C9813CBF3E4C6406F8043EC2
C:\Windows\System32\DRIVERS\s1039mgmt.sys 2649CA09585A7531126DCC116AD1F88C
C:\Windows\System32\DRIVERS\s1039nd5.sys 6D3F549EFD6DAEDD7D12F3DE2175053F
C:\Windows\System32\DRIVERS\s1039obex.sys 305E3E3ACA0037AF2E2C1B50A383C91B
C:\Windows\System32\DRIVERS\s1039unic.sys 7DD02A58277C84C043442561589914F4
C:\Windows\System32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 126EA89BCC413EE45E3004FB0764888F
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys 8AF3D28A879BF75DB53A0EE7A4289624
C:\Windows\system32\drivers\sffdisk.sys 3EFA810BDCA87F6ECC24F9832243FE86
C:\Windows\system32\drivers\sffp_mmc.sys E95D451F7EA3E583AEC75F3B3EE42DC5
C:\Windows\system32\drivers\sffp_sd.sys 3D0EA348784B7AC9EA9BD9F317980979
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys 1D76624A09A054F682D746B924E2DBC3
C:\Windows\System32\drivers\sisraid2.sys 43CB7AA756C7DB280D01DA9B676CFDE2
C:\Windows\System32\drivers\sisraid4.sys A99C6C8B0BAA970D8AA59DDC50B57F94
C:\Windows\System32\DRIVERS\smb.sys 7B75299A4D201D6A6533603D6914AB04
C:\Windows\System32\Drivers\spldr.sys 7AEBDEEF071FE28B0EEF2CDD69102BFF
C:\Windows\System32\DRIVERS\srv.sys 41987F9FC0E61ADF54F581E15029AD91
C:\Windows\System32\DRIVERS\srv2.sys FF33AFF99564B1AA534F58868CBE41EF
C:\Windows\System32\DRIVERS\srvnet.sys 7605C0E1D01A08F3ECD743F38B834A44
C:\Windows\System32\DRIVERS\swenum.sys 7BA58ECF0C0A9A69D44B3DCA62BECF56
C:\Windows\System32\drivers\symc8xx.sys ==> MD5 is legit
C:\Windows\System32\drivers\sym_hi.sys ==> MD5 is legit
C:\Windows\System32\drivers\sym_u3.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 00B19F27858F56181EDB58B71A7C67A0
C:\Windows\System32\drivers\tcpip.sys 078218D74C4EFC2CE7E4C6DF22A94F2F
C:\Windows\System32\DRIVERS\tcpip.sys 078218D74C4EFC2CE7E4C6DF22A94F2F
C:\Windows\System32\drivers\tcpipreg.sys 4C11A1820DDC37FA653913AD680ACCAE
C:\Windows\System32\drivers\tdpipe.sys 5DCF5E267BE67A1AE926F2DF77FBCC56
C:\Windows\System32\drivers\tdtcp.sys 389C63E32B3CEFED425B61ED92D3F021
C:\Windows\System32\DRIVERS\tdx.sys 76B06EB8A01FC8624D699E7045303E54
C:\Windows\System32\DRIVERS\termdd.sys 3CAD38910468EAB9A6479E2F01DB43C7
C:\Windows\System32\DRIVERS\tssecsrv.sys DCF0F056A2E4F52287264F5AB29CF206
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys F2107C9D85EC0DF116939CCCE06AE697
C:\Windows\System32\DRIVERS\tunmp.sys CAECC0120AC49E3D2F758B9169872D38
C:\Windows\System32\DRIVERS\tunnel.sys 300DB877AC094FEAB0BE7688C3454A9C
C:\Windows\system32\drivers\uagp35.sys 7D33C4DB2CE363C8518D2DFCF533941F
C:\Windows\System32\DRIVERS\udfs.sys D9728AF68C4C7693CB100B8441CBDEC6
C:\Windows\system32\drivers\uliagpkx.sys B0ACFDC9E4AF279E9116C03E014B2B27
C:\Windows\System32\drivers\uliahci.sys 9224BB254F591DE4CA8D572A5F0D635C
C:\Windows\System32\drivers\ulsata.sys ==> MD5 is legit
C:\Windows\System32\drivers\ulsata2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys 32CFF9F809AE9AED85464492BF3E32D2
C:\Windows\System32\DRIVERS\usbser_lowerflt.sys 78B74AF8727A28C128E164E9B53A5413
C:\Windows\System32\DRIVERS\usbccgp.sys CAF811AE4C147FFCD5B51750C7F09142
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys 79E96C23A97CE7B8F14D310DA2DB0C9B
C:\Windows\System32\DRIVERS\usbhub.sys 4673BBCB006AF60E7ABDDBE7A130BA42
C:\Windows\System32\DRIVERS\usbohci.sys CE697FEE0D479290D89BEC80DFE793B7
C:\Windows\System32\DRIVERS\usbprint.sys E75C4B5269091D15A2E7DC0B6D35F2F5
C:\Windows\System32\DRIVERS\usbscan.sys A508C9BD8724980512136B039BBA65E9
C:\Windows\System32\drivers\usbser.sys D575246188F63DE0ACCF6EAC5FB59E6A
C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys 4F8FBC51A1C0A17310846B417A447F91
C:\Windows\System32\DRIVERS\USBSTOR.SYS BE3DA31C191BC222D9AD503C5224F2AD
C:\Windows\System32\DRIVERS\usbuhci.sys 814D653EFC4D48BE3B04A307ECEFF56F
C:\Windows\System32\Drivers\usbvideo.sys E67998E8F14CB0627A769F6530BCB352
C:\Windows\System32\DRIVERS\vgapnp.sys 87B06E1F30B749A114F74622D013F8D4
C:\Windows\System32\drivers\vga.sys 2E93AC0A1D8C79D019DB6C51F036636C
C:\Windows\system32\drivers\viaagp.sys 5D7159DEF58A800D5781BA3A879627BC
C:\Windows\system32\drivers\viac7.sys C4F3A691B5BAD343E6249BD8C2D45DEE
C:\Windows\System32\drivers\viaide.sys EA1AA6E3ABB3C194FEBA12A46DE8CF2C
C:\Windows\System32\drivers\volmgr.sys 69503668AC66C77C6CD7AF86FBDF8C43
C:\Windows\System32\drivers\volmgrx.sys 23E41B834759917BFD6B9A0D625D0C28
C:\Windows\System32\drivers\volsnap.sys 786DB5771F05EF300390399F626BF30A
C:\Windows\System32\drivers\vsmraid.sys 587253E09325E6BF226B299774B728A9
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys 55201897378CCA7AF8B5EFD874374A26
C:\Windows\System32\DRIVERS\wanarp.sys 55201897378CCA7AF8B5EFD874374A26
C:\Windows\System32\drivers\wd.sys 78FE9542363F297B18C027B2D7E7C07F
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\HSX_CNXT.sys 0ACD399F5DB3DF1B58903CF4949AB5A8
C:\Windows\System32\DRIVERS\wmiacpi.sys 2E7255D172DF0B8283CDFB7B433B864E
C:\Windows\System32\DRIVERS\wpdusb.sys DE9D36F91A4DF3D911626643DEBF11EA
C:\Windows\system32\drivers\ws2ifsl.sys E3A3CB253C0EC2494D4A61F5E43A389C
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\xaudio.sys DAB33CFA9DD24251AAA389FF36B64D4B
C:\Windows\System32\DRIVERS\yk60x86.sys 7D1F3B131D503EF43EE594B5A2B9B427
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-21 19:36 - 2013-06-21 19:36 - 00000000 ____D C:\FRST
2013-06-21 19:07 - 2013-06-21 19:08 - 00000000 ____D C:\rsit
2013-06-21 19:07 - 2013-06-21 19:08 - 00000000 ____D C:\Program Files\trend micro
2013-06-20 11:41 - 2013-06-20 11:41 - 00000000 ____D C:\174f0707abb25efe9f9b3014795fb3bb
2013-06-14 03:29 - 2013-06-14 03:29 - 00178757 ____A C:\Users\pavel\AppData\Local\e433e0ea-2e44-488f-b3fa-c49c698ec3d7
2013-06-14 03:29 - 2013-06-14 03:29 - 00146432 ____A C:\Users\pavel\AppData\Local\Ylapdvx.exe
2013-06-13 03:06 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 03:06 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 03:06 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 03:06 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 03:06 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 03:06 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-13 03:06 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-13 03:06 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 03:06 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 03:06 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-13 03:06 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-13 03:06 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 03:06 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 03:06 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-13 03:06 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 03:06 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 05:26 - 2013-05-08 05:40 - 00914792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 05:26 - 2013-05-08 03:58 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2013-06-12 05:26 - 2013-05-03 00:03 - 03603832 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-12 05:26 - 2013-05-03 00:03 - 03551096 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-12 05:26 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 05:26 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\printcom.dll
2013-06-12 05:26 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 05:26 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 05:26 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 05:26 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 05:26 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 05:25 - 2013-04-17 14:30 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-09 19:36 - 2013-06-09 19:36 - 00016142 ____A C:\Users\pavel\Desktop\hs_err_pid1368.log
2013-06-02 18:29 - 2013-06-02 15:48 - 01103360 ____A C:\Users\pavel\Desktop\TROPICKÝ PRALES.ppt
==================== One Month Modified Files and Folders ========
2013-06-21 19:36 - 2013-06-21 19:36 - 00000000 ____D C:\FRST
2013-06-21 19:08 - 2013-06-21 19:07 - 00000000 ____D C:\rsit
2013-06-21 19:08 - 2013-06-21 19:07 - 00000000 ____D C:\Program Files\trend micro
2013-06-21 19:04 - 2006-11-02 12:33 - 01418466 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-21 18:58 - 2011-10-05 12:43 - 00000940 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-21 18:58 - 2009-01-14 20:18 - 01424069 ____A C:\Windows\WindowsUpdate.log
2013-06-21 18:57 - 2009-06-13 09:00 - 00064431 ____A C:\ProgramData\nvModes.001
2013-06-21 18:57 - 2009-06-12 11:53 - 00064431 ____A C:\ProgramData\nvModes.dat
2013-06-21 18:56 - 2011-10-05 12:43 - 00000936 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-21 18:56 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-21 18:56 - 2006-11-02 14:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-21 18:56 - 2006-11-02 14:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-20 12:27 - 2012-04-22 18:27 - 00000914 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-20 11:41 - 2013-06-20 11:41 - 00000000 ____D C:\174f0707abb25efe9f9b3014795fb3bb
2013-06-15 12:15 - 2009-05-27 20:30 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Skype
2013-06-15 12:15 - 2009-05-27 20:13 - 00000000 ____D C:\Users\pavel\AppData\Roaming\ICQ
2013-06-15 11:57 - 2006-11-02 15:01 - 00032522 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-15 11:54 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\LogFiles
2013-06-14 14:30 - 2012-01-16 22:04 - 00007494 ____A C:\Windows\PFRO.log
2013-06-14 03:29 - 2013-06-14 03:29 - 00178757 ____A C:\Users\pavel\AppData\Local\e433e0ea-2e44-488f-b3fa-c49c698ec3d7
2013-06-14 03:29 - 2013-06-14 03:29 - 00146432 ____A C:\Users\pavel\AppData\Local\Ylapdvx.exe
2013-06-14 02:35 - 2011-10-18 18:48 - 00000982 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2462045333-1167312747-2157866890-1000UA.job
2013-06-13 12:45 - 2011-10-18 18:48 - 00000960 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2462045333-1167312747-2157866890-1000Core.job
2013-06-13 05:28 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-06-13 05:02 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\sk-SK
2013-06-12 14:23 - 2011-11-10 04:25 - 00002395 ____A C:\Users\Public\Desktop\Skype.lnk
2013-06-12 12:32 - 2009-10-05 18:57 - 00055296 ____A C:\Users\pavel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-11 21:34 - 2012-04-22 18:27 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-11 21:34 - 2011-12-31 22:31 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-11 08:02 - 2009-06-04 18:38 - 00000000 ____D C:\Users\pavel\AppData\Local\Adobe
2013-06-09 19:36 - 2013-06-09 19:36 - 00016142 ____A C:\Users\pavel\Desktop\hs_err_pid1368.log
2013-06-07 20:11 - 2009-05-29 19:50 - 00000052 ____A C:\Windows\System32\DOErrors.log
2013-06-03 15:25 - 2012-06-25 14:30 - 00000000 ____D C:\Users\pavel\Desktop\FILMY
2013-06-03 15:17 - 2006-11-02 14:47 - 00289832 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-03 12:17 - 2010-03-01 18:58 - 00073128 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2013-06-02 17:21 - 2006-11-02 12:24 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-02 15:48 - 2013-06-02 18:29 - 01103360 ____A C:\Users\pavel\Desktop\TROPICKÝ PRALES.ppt
2013-06-02 11:30 - 2009-05-27 20:23 - 00007178 ____A C:\Users\pavel\AppData\Roaming\wklnhst.dat
2013-06-02 11:17 - 2009-05-27 18:56 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-02 11:17 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-02 11:16 - 2010-06-02 17:47 - 00000000 ____D C:\Program Files\MSECache
2013-06-02 10:58 - 2012-01-16 22:05 - 00015297 ____A C:\Windows\setupact.log
2013-05-31 19:45 - 2010-06-02 17:52 - 00000000 ____D C:\Users\pavel\Desktop\fotky
Files to move or delete:
====================
C:\ProgramData\nvModes.dat
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor {bootmgr}
device partition=C:
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {a9a772cd-33f5-11dd-8dd3-f60ab8d5cad9}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
resume No
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {572bcd55-ffa7-11d9-aae2-0007e994107d}
device ramdisk=[D:]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.exe
description HP Recovery Manager
osdevice ramdisk=[D:]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
nx OptIn
detecthal Yes
winpe Yes
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {current}
device partition=C:
path \Windows\system32\winload.exe
description Microsoft Windows Vista
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {572bcd55-ffa7-11d9-aae2-0007e994107d}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {a9a772cd-33f5-11dd-8dd3-f60ab8d5cad9}
nx OptIn
Obnovenˇ z hibernace
---------------------
identifik tor {a9a772cd-33f5-11dd-8dd3-f60ab8d5cad9}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No
Testov nˇ pamŘti syst‚mu Windows
---------------------
identifik tor {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostika pamŘti syst‚mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes
Nastavenˇ slu§by EMS
------------
identifik tor {emssettings}
bootems Yes
Nastavenˇ ladicˇho programu
-----------------
identifik tor {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Chyby pamŘti RAM
-----------
identifik tor {badmemory}
Glob lnˇ nastavenˇ
---------------
identifik tor {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Nastavenˇ spouçtŘcˇho zavadŘźe
--------------------
identifik tor {bootloadersettings}
inherit {globalsettings}
Nastavenˇ zavadŘźe obnovenˇ
----------------------
identifik tor {resumeloadersettings}
inherit {globalsettings}
Parametry instalaźnˇho disku RAM
---------------------
identifik tor {ramdiskoptions}
description Ramdisk Options
ramdisksdidevice partition=D:
ramdisksdipath \boot\boot.sdi
LastRegBack: 2013-06-21 19:20
==================== End Of Log ============================
Ran by pavel (administrator) on 21-06-2013 19:36:26
Running from F:\
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Safe Mode (minimal)
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\system32\cmd.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [13797920 2009-07-23] (NVIDIA Corporation)
HKLM\...\Run: [] [x]
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [Fe0uUA1mlrHyN] C:\Users\pavel\AppData\Local\Ylapdvx.exe [146432 2013-06-14] ()
HKU\pavel\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [ 2012-07-13] (Skype Technologies S.A.)
HKU\pavel\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\pavel\...\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4 [ 2011-03-01] (ICQ, LLC.)
HKU\pavel\...\Run: [Facebook Update] "C:\Users\pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [ 2012-07-12] (Facebook Inc.)
HKU\pavel\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-21] (Microsoft Corporation)
HKU\pavel\...\Run: [Fe0uUA1mlrHyN] C:\Users\pavel\AppData\Local\Ylapdvx.exe [ 2013-06-14] ()
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - {89F0EFA3-627F-4666-B6B5-BA622E51008A} URL = http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
SearchScopes: HKLM - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu.com/web?src=ieb&sys ... earchTerms}
HKCU SearchScopes: DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll (Crawler, LLC)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - No File
BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - No File
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
BHO: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: BandooIEPlugin Class - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - No Name - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No File
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
========================== Services (Whitelisted) =================
S2 Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [1960336 2011-01-13] (Bandoo Media Inc.)
S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard)
S2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [247096 2011-02-28] ()
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
S2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
S2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] ()
S3 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [153808 2010-06-08] (Avanquest Software)
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435008 2011-06-21] (TuneUp Software)
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1051968 2010-07-06] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [103040 2008-12-30] (Huawei Technologies Co., Ltd.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation)
S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2010-02-25] (TuneUp Software)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
========================== Drivers MD5 =======================
C:\Windows\System32\drivers\acpi.sys 82B296AE1892FE3DBEE00C9CF92F8AC7
C:\Windows\System32\drivers\adp94xx.sys 04F0FCAC69C7C71A3AC4EB97FAFC8303
C:\Windows\System32\drivers\adpahci.sys 60505E0041F7751BDBB80F88BF45C2CE
C:\Windows\System32\drivers\adpu160m.sys 8A42779B02AEC986EAB64ECFC98F8BD7
C:\Windows\System32\drivers\adpu320.sys 241C9E37F8CE45EF51C3DE27515CA4E5
C:\Windows\system32\drivers\afd.sys 3911B972B55FEA0478476B2E777B29FA
C:\Windows\system32\drivers\agp440.sys 13F9E33747E6B41A3FF305C37DB0D360
C:\Windows\System32\drivers\djsvs.sys ==> MD5 is legit
C:\Windows\System32\drivers\aliide.sys 3D76FDA1A10ACC3DC84728F55C29B6D4
C:\Windows\system32\drivers\amdagp.sys C47344BC706E5F0B9DCE369516661578
C:\Windows\System32\drivers\amdide.sys 5B92E7839F5A1FBC1B39DE67758AD6F8
C:\Windows\system32\drivers\amdk7.sys 18F29B49AD23ECEE3D2A826C725C8D48
C:\Windows\system32\drivers\amdk8.sys 93AE7F7DD54AB986A6F1A1B37BE7442D
C:\Windows\System32\drivers\arc.sys 5D2888182FB46632511ACEE92FDAD522
C:\Windows\System32\drivers\arcsas.sys 5E2A321BD7C8B3624E41FDEC3E244945
C:\Windows\System32\DRIVERS\asyncmac.sys 53B202ABEE6455406254444303E87BE1
C:\Windows\System32\drivers\atapi.sys 1F05B78AB91C9075565A9D8A4B880BC4
C:\Windows\System32\DRIVERS\athr.sys 600EFE56F37ADBD65A0FB076B50D1B8D
C:\Windows\System32\Drivers\Beep.sys 67E506B75BD5326A3EC7B70BD014DFB6
C:\Windows\system32\drivers\blbdrive.sys D4DF28447741FD3D953526E33A617397
C:\Windows\System32\DRIVERS\bowser.sys 35F376253F687BDE63976CCB3F2108CA
C:\Windows\system32\drivers\brfiltlo.sys ==> MD5 is legit
C:\Windows\system32\drivers\brfiltup.sys ==> MD5 is legit
C:\Windows\system32\drivers\brserid.sys ==> MD5 is legit
C:\Windows\system32\drivers\brserwdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbmdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbser.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys 7ADD03E75BEB9E6DD102C3081D29840A
C:\Windows\System32\DRIVERS\cdrom.sys 6B4BFFB9BECD728097024276430DB314
C:\Windows\system32\drivers\circlass.sys E5D4133F37219DBCFE102BC61072589D
C:\Windows\System32\CLFS.sys D7659D3B5B92C31E84E53C1431F35132
C:\Windows\System32\DRIVERS\CmBatt.sys 99AFC3795B58CC478FBBBCDC658FCB56
C:\Windows\System32\drivers\cmdide.sys D36372A6EA6805EFBE8884D10772313F
C:\Windows\System32\drivers\CHDRT32.sys 1ADF6F4852E7D7E2E8AC481BDB970586
C:\Windows\System32\DRIVERS\compbatt.sys 6AFEF0B60FA25DE07C0968983EE4F60A
C:\Windows\System32\drivers\crcdisk.sys 741E9DFF4F42D2D8477D0FC1DC0DF871
C:\Windows\system32\drivers\crusoe.sys 1F07BECDCA750766A96CDA811BA86410
C:\Windows\System32\Drivers\dfsc.sys 622C41A07CA7E6DD91770F50D532CB6C
C:\Windows\System32\drivers\disk.sys 5D4AEFC3386920236A548271F8F1AF6A
C:\Windows\System32\drivers\drmkaud.sys 97FEF831AB90BEE128C9AF390E243F80
C:\Windows\System32\drivers\dxgkrnl.sys 5DE0FAEC9E5D1AAE74F8568897891A01
C:\Windows\System32\DRIVERS\E1G60I32.sys 5425F74AC0C1DBD96A1E04F17D63F94C
C:\Windows\System32\drivers\ecache.sys 7F64EA048DCFAC7ACF8B4D7B4E6FE371
C:\Windows\System32\drivers\elxstor.sys 23B62471681A124889978F6295B3F4C6
C:\Windows\system32\drivers\errdev.sys 3DB974F3935483555D7148663F726C61
C:\Windows\System32\Drivers\exfat.sys 22B408651F9123527BCEE54B4F6C5CAE
C:\Windows\System32\Drivers\fastfat.sys 1E9B9A70D332103C52995E957DC09EF8
C:\Windows\System32\DRIVERS\fdc.sys AFE1E8B9782A0DD7FB46BBD88E43F89A
C:\Windows\System32\drivers\fileinfo.sys A8C0139A884861E3AAE9CFE73B208A9F
C:\Windows\System32\drivers\filetrace.sys 0AE429A696AECBC5970E3CF2C62635AE
C:\Windows\System32\DRIVERS\flpydisk.sys 85B7CF99D532820495D68D747FDA9EBD
C:\Windows\System32\drivers\fltmgr.sys 01334F9EA68E6877C4EF05D3EA8ABB05
C:\Windows\System32\DRIVERS\fssfltr.sys D909075FA72C090F27AA926C32CB4612
C:\Windows\System32\Drivers\Fs_Rec.sys B972A66758577E0BFD1DE0F91AAA27B5
C:\Windows\system32\drivers\gagp30kx.sys 34582A6E6573D54A07ECE5FE24A126B5
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys 062452B7FFD68C8C042A6261FE8DFF4A
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys CCA4B519B17E23A00B826C55716809CC
C:\Windows\System32\drivers\hpcisss.sys 16EE7B23A009E00D835CDB79574A91A6
C:\Windows\System32\DRIVERS\HpqKbFiltr.sys 35956140E686D53BF676CF0C778880FC
C:\Windows\System32\DRIVERS\HSX_DPV.sys CC267848CB3508E72762BE65734E764D
C:\Windows\System32\DRIVERS\HSXHWAZL.sys A2882945CC4B6E3E4E9E825590438888
C:\Windows\System32\drivers\HTTP.sys F870AA3E254628EBEAFE754108D664DE
C:\Windows\System32\DRIVERS\ewusbmdm.sys 92CA47DA32009CCC00A5ADED04ABBD78
C:\Windows\System32\DRIVERS\ewusbfake.sys 1D4D6D24256F61E6B08A3CF8184A78B8
C:\Windows\System32\drivers\i2omp.sys C6B032D69650985468160FC9937CF5B4
C:\Windows\System32\DRIVERS\i8042prt.sys 22D56C8184586B7A1F6FA60BE5F5A2BD
C:\Windows\System32\drivers\iastorv.sys 54155EA1B0DF185878E0FC9EC3AC3A14
C:\Windows\System32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelide.sys DD512A049BD7B4BCE8A83554C5EFF2C1
C:\Windows\System32\DRIVERS\intelppm.sys 224191001E78C89DFA78924C3EA595FF
C:\Windows\System32\DRIVERS\ipfltdrv.sys 62C265C38769B864CB25B4BCF62DF6C3
C:\Windows\system32\drivers\ipmidrv.sys B25AAF203552B7B3491139D582B39AD1
C:\Windows\System32\DRIVERS\ipnat.sys 8793643A67B42CEC66490B2A0CF92D68
C:\Windows\System32\drivers\irenum.sys 109C0DFB82C3632FBD11949B73AEEAC9
C:\Windows\System32\drivers\isapnp.sys 6C70698A3E5C4376C6AB5C7C17FB0614
C:\Windows\System32\DRIVERS\msiscsi.sys 232FA340531D940AAC623B121A595034
C:\Windows\System32\drivers\iteatapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\iteraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys 37605E0A8CF00CBBA538E753E4344C6E
C:\Windows\system32\drivers\kbdhid.sys 18247836959BA67E3511B62846B9C2E0
C:\Windows\System32\Drivers\ksecdd.sys 4A1445EFA932A3BAF5BDB02D7131EE20
C:\Windows\System32\DRIVERS\lltdio.sys D1C5883087A0C3F1344D9D55A44901F6
C:\Windows\System32\drivers\lsi_fc.sys C7E15E82879BF3235B559563D4185365
C:\Windows\System32\drivers\lsi_sas.sys EE01EBAE8C9BF0FA072E0FF68718920A
C:\Windows\System32\drivers\lsi_scsi.sys 912A04696E9CA30146A62AFA1463DD5C
C:\Windows\system32\drivers\luafv.sys 8F5C7426567798E62A3B3614965D62CC
C:\Windows\System32\DRIVERS\mdmxsdk.sys 0CEA2D0D3FA284B85ED5B68365114F76
C:\Windows\System32\drivers\megasas.sys 0001CE609D66632FA17B84705F658879
C:\Windows\System32\drivers\megasr.sys C252F32CD9A49DBFC25ECF26EBD51A99
C:\Windows\System32\drivers\modem.sys E13B5EA0F51BA5B1512EC671393D09BA
C:\Windows\System32\DRIVERS\monitor.sys 0A9BB33B56E294F686ABB7C1E4E2D8A8
C:\Windows\System32\DRIVERS\mouclass.sys 5BF6A1326A335C5298477754A506D263
C:\Windows\System32\DRIVERS\mouhid.sys 93B8D4869E12CFBE663915502900876F
C:\Windows\System32\drivers\mountmgr.sys BDAFC88AA6B92F7842416EA6A48E1600
C:\Windows\System32\DRIVERS\MpFilter.sys CF105EE42E3F71E648CEBB3F666E1CF0
C:\Windows\System32\drivers\mpio.sys 511D011289755DD9F9A7579FB0B064E6
C:\Windows\System32\drivers\mpsdrv.sys 22241FEBA9B2DEFA669C8CB0A8DD7D2E
C:\Windows\System32\drivers\mraid35x.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 82CEA0395524AACFEB58BA1448E8325C
C:\Windows\System32\DRIVERS\mrxsmb.sys 1E94971C4B446AB2290DEB71D01CF0C2
C:\Windows\System32\DRIVERS\mrxsmb10.sys 4FCCB34D793B116423209C0F8B7A3B03
C:\Windows\System32\DRIVERS\mrxsmb20.sys C3CB1B40AD4A0124D617A1199B0B9D7C
C:\Windows\System32\drivers\msahci.sys AA305CFF241DA187BD5077DE4A2A043D
C:\Windows\System32\drivers\msdsm.sys 4468B0F385A86ECDDAF8D3CA662EC0E7
C:\Windows\System32\Drivers\Msfs.sys A9927F4A46B816C92F461ACB90CF8515
C:\Windows\System32\drivers\msisadrv.sys 0F400E306F385C56317357D6DEA56F62
C:\Windows\System32\drivers\MSKSSRV.sys D8C63D34D9C9E56C059E24EC7185CC07
C:\Windows\System32\drivers\MSPCLOCK.sys 1D373C90D62DDB641D50E55B9E78D65E
C:\Windows\System32\drivers\MSPQM.sys B572DA05BF4E098D4BBA3A4734FB505B
C:\Windows\System32\Drivers\MsRPC.sys B49456D70555DE905C311BCDA6EC6ADB
C:\Windows\System32\DRIVERS\mssmbios.sys E384487CB84BE41D09711C30CA79646C
C:\Windows\System32\drivers\MSTEE.sys 7199C1EEC1E4993CAF96B8C0A26BD58A
C:\Windows\System32\Drivers\mup.sys 6A57B5733D4CB702C8EA4542E836B96C
C:\Windows\System32\DRIVERS\nwifi.sys 85C44FDFF9CF7E72A40DCB7EC06A4416
C:\Windows\System32\drivers\ndis.sys 1357274D1883F68300AEADD15D7BBB42
C:\Windows\System32\DRIVERS\ndistapi.sys 0E186E90404980569FB449BA7519AE61
C:\Windows\System32\DRIVERS\ndisuio.sys D6973AA34C4D5D76C0430B181C3CD389
C:\Windows\System32\DRIVERS\ndiswan.sys 818F648618AE34F729FDB47EC68345C3
C:\Windows\System32\Drivers\NDProxy.sys 71DAB552B41936358F3B541AE5997FB3
C:\Windows\System32\DRIVERS\netbios.sys BCD093A5A6777CF626434568DC7DBA78
C:\Windows\System32\DRIVERS\netbt.sys ECD64230A59CBD93C85F1CD1CAB9F3F6
C:\Windows\System32\DRIVERS\NETw3v32.sys 35D5458D9A1B26B2005ABFFBF4C1C5E7
C:\Windows\System32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys 832E098BCA8235436FE2D8AE50AC3718
C:\Windows\System32\drivers\ccdcmb.sys B0A67DE1A128389AEA4D42C5A56215FD
C:\Windows\System32\drivers\ccdcmbo.sys 025C54F9F8C8BC1894EA38529C742C54
C:\Windows\System32\Drivers\Npfs.sys D36F239D7CCE1931598E8FB90A0DBC26
C:\Windows\System32\drivers\nsiproxy.sys 609773E344A97410CE4EBF74A8914FCF
C:\Windows\System32\Drivers\Ntfs.sys 2C1121F2B87E9A6B12485DF53CD848C7
C:\Windows\system32\drivers\ntrigdigi.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Null.sys C5DBBCDA07D780BDA9B685DF333BB41E
C:\Windows\System32\DRIVERS\nvmfdx32.sys AE78A7285DF03A277415FC62F8CE8F24
C:\Windows\System32\drivers\nvhda32v.sys B0DD52428BF564F5FC5EE331060BE2A6
C:\Windows\System32\DRIVERS\nvlddmkm.sys 9DAC05D828E56801FD6CE5FDFCED64AF
C:\Windows\System32\drivers\nvraid.sys 2EDF9E7751554B42CBB60116DE727101
C:\Windows\System32\DRIVERS\nvsmu.sys 0FB6BF3AB170FC5BD403D25E134EAFDE
C:\Windows\System32\drivers\nvstor.sys ABED0C09758D1D97DB0042DBB2688177
C:\Windows\system32\drivers\nv_agp.sys 18BBDF913916B71BD54575BDB6EEAC0B
C:\Windows\System32\DRIVERS\ohci1394.sys 790E27C3DB53410B40FF9EF2FD10A1D9
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys B9C2B89F08670E159F7181891E449CD9
C:\Windows\system32\drivers\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys 941DC1D19E7E8620F40BBC206981EFDB
C:\Windows\System32\drivers\pciide.sys 1636D43F10416AEB483BC6001097B26C
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ECFFFAEC0C1ECD8DBC77F39070EA1DB1
C:\Windows\System32\DRIVERS\processr.sys 2027293619DD0F047C584CF2E7DF4FFD
C:\Windows\System32\DRIVERS\pacer.sys 99514FAA8DF93D34B5589187DB3AA0BA
C:\Windows\System32\drivers\ql2300.sys 0A6DB55AFB7820C99AA1F3A1D270F4F6
C:\Windows\System32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys 9F5E0E1926014D17486901C88ECA2DB7
C:\Windows\System32\DRIVERS\rasacd.sys 147D7F9C556D259924351FEB0DE606C3
C:\Windows\System32\DRIVERS\rasl2tp.sys A214ADBAF4CB47DD2728859EF31F26B0
C:\Windows\System32\DRIVERS\raspppoe.sys 509A98DD18AF4375E1FC40BC175F1DEF
C:\Windows\System32\DRIVERS\rassstp.sys 2005F4A1E05FA09389AC85840F0A9E4D
C:\Windows\System32\DRIVERS\rdbss.sys B14C9D5B9ADD2F84F70570BBBFAA7935
C:\Windows\System32\DRIVERS\RDPCDD.sys 89E59BE9A564262A3FB6C4F4F1CD9899
C:\Windows\system32\drivers\rdpdr.sys FBC0BACD9C3D7F6956853F64A66E252D
C:\Windows\System32\drivers\rdpencdd.sys 9D91FE5286F748862ECFFA05F8A0710C
C:\Windows\System32\Drivers\RDPWD.sys C127EBD5AFAB31524662C48DFCEB773A
C:\Windows\System32\DRIVERS\rspndr.sys 9C508F4074A39E8B4B31D27198146FAD
C:\Windows\System32\drivers\RTSTOR.SYS 8DAB5975B5C7923D61506A48E251DBAD
C:\Windows\System32\DRIVERS\s1039bus.sys D0EEDC88876B20D42157CDCCA3E647F3
C:\Windows\System32\DRIVERS\s1039mdfl.sys 7B35091A7BB597C86262C589B0B57D06
C:\Windows\System32\DRIVERS\s1039mdm.sys 4CB1AB13C9813CBF3E4C6406F8043EC2
C:\Windows\System32\DRIVERS\s1039mgmt.sys 2649CA09585A7531126DCC116AD1F88C
C:\Windows\System32\DRIVERS\s1039nd5.sys 6D3F549EFD6DAEDD7D12F3DE2175053F
C:\Windows\System32\DRIVERS\s1039obex.sys 305E3E3ACA0037AF2E2C1B50A383C91B
C:\Windows\System32\DRIVERS\s1039unic.sys 7DD02A58277C84C043442561589914F4
C:\Windows\System32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 126EA89BCC413EE45E3004FB0764888F
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys 8AF3D28A879BF75DB53A0EE7A4289624
C:\Windows\system32\drivers\sffdisk.sys 3EFA810BDCA87F6ECC24F9832243FE86
C:\Windows\system32\drivers\sffp_mmc.sys E95D451F7EA3E583AEC75F3B3EE42DC5
C:\Windows\system32\drivers\sffp_sd.sys 3D0EA348784B7AC9EA9BD9F317980979
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys 1D76624A09A054F682D746B924E2DBC3
C:\Windows\System32\drivers\sisraid2.sys 43CB7AA756C7DB280D01DA9B676CFDE2
C:\Windows\System32\drivers\sisraid4.sys A99C6C8B0BAA970D8AA59DDC50B57F94
C:\Windows\System32\DRIVERS\smb.sys 7B75299A4D201D6A6533603D6914AB04
C:\Windows\System32\Drivers\spldr.sys 7AEBDEEF071FE28B0EEF2CDD69102BFF
C:\Windows\System32\DRIVERS\srv.sys 41987F9FC0E61ADF54F581E15029AD91
C:\Windows\System32\DRIVERS\srv2.sys FF33AFF99564B1AA534F58868CBE41EF
C:\Windows\System32\DRIVERS\srvnet.sys 7605C0E1D01A08F3ECD743F38B834A44
C:\Windows\System32\DRIVERS\swenum.sys 7BA58ECF0C0A9A69D44B3DCA62BECF56
C:\Windows\System32\drivers\symc8xx.sys ==> MD5 is legit
C:\Windows\System32\drivers\sym_hi.sys ==> MD5 is legit
C:\Windows\System32\drivers\sym_u3.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 00B19F27858F56181EDB58B71A7C67A0
C:\Windows\System32\drivers\tcpip.sys 078218D74C4EFC2CE7E4C6DF22A94F2F
C:\Windows\System32\DRIVERS\tcpip.sys 078218D74C4EFC2CE7E4C6DF22A94F2F
C:\Windows\System32\drivers\tcpipreg.sys 4C11A1820DDC37FA653913AD680ACCAE
C:\Windows\System32\drivers\tdpipe.sys 5DCF5E267BE67A1AE926F2DF77FBCC56
C:\Windows\System32\drivers\tdtcp.sys 389C63E32B3CEFED425B61ED92D3F021
C:\Windows\System32\DRIVERS\tdx.sys 76B06EB8A01FC8624D699E7045303E54
C:\Windows\System32\DRIVERS\termdd.sys 3CAD38910468EAB9A6479E2F01DB43C7
C:\Windows\System32\DRIVERS\tssecsrv.sys DCF0F056A2E4F52287264F5AB29CF206
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys F2107C9D85EC0DF116939CCCE06AE697
C:\Windows\System32\DRIVERS\tunmp.sys CAECC0120AC49E3D2F758B9169872D38
C:\Windows\System32\DRIVERS\tunnel.sys 300DB877AC094FEAB0BE7688C3454A9C
C:\Windows\system32\drivers\uagp35.sys 7D33C4DB2CE363C8518D2DFCF533941F
C:\Windows\System32\DRIVERS\udfs.sys D9728AF68C4C7693CB100B8441CBDEC6
C:\Windows\system32\drivers\uliagpkx.sys B0ACFDC9E4AF279E9116C03E014B2B27
C:\Windows\System32\drivers\uliahci.sys 9224BB254F591DE4CA8D572A5F0D635C
C:\Windows\System32\drivers\ulsata.sys ==> MD5 is legit
C:\Windows\System32\drivers\ulsata2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys 32CFF9F809AE9AED85464492BF3E32D2
C:\Windows\System32\DRIVERS\usbser_lowerflt.sys 78B74AF8727A28C128E164E9B53A5413
C:\Windows\System32\DRIVERS\usbccgp.sys CAF811AE4C147FFCD5B51750C7F09142
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys 79E96C23A97CE7B8F14D310DA2DB0C9B
C:\Windows\System32\DRIVERS\usbhub.sys 4673BBCB006AF60E7ABDDBE7A130BA42
C:\Windows\System32\DRIVERS\usbohci.sys CE697FEE0D479290D89BEC80DFE793B7
C:\Windows\System32\DRIVERS\usbprint.sys E75C4B5269091D15A2E7DC0B6D35F2F5
C:\Windows\System32\DRIVERS\usbscan.sys A508C9BD8724980512136B039BBA65E9
C:\Windows\System32\drivers\usbser.sys D575246188F63DE0ACCF6EAC5FB59E6A
C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys 4F8FBC51A1C0A17310846B417A447F91
C:\Windows\System32\DRIVERS\USBSTOR.SYS BE3DA31C191BC222D9AD503C5224F2AD
C:\Windows\System32\DRIVERS\usbuhci.sys 814D653EFC4D48BE3B04A307ECEFF56F
C:\Windows\System32\Drivers\usbvideo.sys E67998E8F14CB0627A769F6530BCB352
C:\Windows\System32\DRIVERS\vgapnp.sys 87B06E1F30B749A114F74622D013F8D4
C:\Windows\System32\drivers\vga.sys 2E93AC0A1D8C79D019DB6C51F036636C
C:\Windows\system32\drivers\viaagp.sys 5D7159DEF58A800D5781BA3A879627BC
C:\Windows\system32\drivers\viac7.sys C4F3A691B5BAD343E6249BD8C2D45DEE
C:\Windows\System32\drivers\viaide.sys EA1AA6E3ABB3C194FEBA12A46DE8CF2C
C:\Windows\System32\drivers\volmgr.sys 69503668AC66C77C6CD7AF86FBDF8C43
C:\Windows\System32\drivers\volmgrx.sys 23E41B834759917BFD6B9A0D625D0C28
C:\Windows\System32\drivers\volsnap.sys 786DB5771F05EF300390399F626BF30A
C:\Windows\System32\drivers\vsmraid.sys 587253E09325E6BF226B299774B728A9
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys 55201897378CCA7AF8B5EFD874374A26
C:\Windows\System32\DRIVERS\wanarp.sys 55201897378CCA7AF8B5EFD874374A26
C:\Windows\System32\drivers\wd.sys 78FE9542363F297B18C027B2D7E7C07F
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\HSX_CNXT.sys 0ACD399F5DB3DF1B58903CF4949AB5A8
C:\Windows\System32\DRIVERS\wmiacpi.sys 2E7255D172DF0B8283CDFB7B433B864E
C:\Windows\System32\DRIVERS\wpdusb.sys DE9D36F91A4DF3D911626643DEBF11EA
C:\Windows\system32\drivers\ws2ifsl.sys E3A3CB253C0EC2494D4A61F5E43A389C
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\xaudio.sys DAB33CFA9DD24251AAA389FF36B64D4B
C:\Windows\System32\DRIVERS\yk60x86.sys 7D1F3B131D503EF43EE594B5A2B9B427
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-21 19:36 - 2013-06-21 19:36 - 00000000 ____D C:\FRST
2013-06-21 19:07 - 2013-06-21 19:08 - 00000000 ____D C:\rsit
2013-06-21 19:07 - 2013-06-21 19:08 - 00000000 ____D C:\Program Files\trend micro
2013-06-20 11:41 - 2013-06-20 11:41 - 00000000 ____D C:\174f0707abb25efe9f9b3014795fb3bb
2013-06-14 03:29 - 2013-06-14 03:29 - 00178757 ____A C:\Users\pavel\AppData\Local\e433e0ea-2e44-488f-b3fa-c49c698ec3d7
2013-06-14 03:29 - 2013-06-14 03:29 - 00146432 ____A C:\Users\pavel\AppData\Local\Ylapdvx.exe
2013-06-13 03:06 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 03:06 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 03:06 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 03:06 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 03:06 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 03:06 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-13 03:06 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-13 03:06 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 03:06 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 03:06 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-13 03:06 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-13 03:06 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 03:06 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 03:06 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-13 03:06 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 03:06 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 05:26 - 2013-05-08 05:40 - 00914792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 05:26 - 2013-05-08 03:58 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2013-06-12 05:26 - 2013-05-03 00:03 - 03603832 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-12 05:26 - 2013-05-03 00:03 - 03551096 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-12 05:26 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 05:26 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\printcom.dll
2013-06-12 05:26 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 05:26 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 05:26 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 05:26 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 05:26 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 05:25 - 2013-04-17 14:30 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-09 19:36 - 2013-06-09 19:36 - 00016142 ____A C:\Users\pavel\Desktop\hs_err_pid1368.log
2013-06-02 18:29 - 2013-06-02 15:48 - 01103360 ____A C:\Users\pavel\Desktop\TROPICKÝ PRALES.ppt
==================== One Month Modified Files and Folders ========
2013-06-21 19:36 - 2013-06-21 19:36 - 00000000 ____D C:\FRST
2013-06-21 19:08 - 2013-06-21 19:07 - 00000000 ____D C:\rsit
2013-06-21 19:08 - 2013-06-21 19:07 - 00000000 ____D C:\Program Files\trend micro
2013-06-21 19:04 - 2006-11-02 12:33 - 01418466 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-21 18:58 - 2011-10-05 12:43 - 00000940 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-21 18:58 - 2009-01-14 20:18 - 01424069 ____A C:\Windows\WindowsUpdate.log
2013-06-21 18:57 - 2009-06-13 09:00 - 00064431 ____A C:\ProgramData\nvModes.001
2013-06-21 18:57 - 2009-06-12 11:53 - 00064431 ____A C:\ProgramData\nvModes.dat
2013-06-21 18:56 - 2011-10-05 12:43 - 00000936 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-21 18:56 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-21 18:56 - 2006-11-02 14:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-21 18:56 - 2006-11-02 14:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-20 12:27 - 2012-04-22 18:27 - 00000914 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-20 11:41 - 2013-06-20 11:41 - 00000000 ____D C:\174f0707abb25efe9f9b3014795fb3bb
2013-06-15 12:15 - 2009-05-27 20:30 - 00000000 ____D C:\Users\pavel\AppData\Roaming\Skype
2013-06-15 12:15 - 2009-05-27 20:13 - 00000000 ____D C:\Users\pavel\AppData\Roaming\ICQ
2013-06-15 11:57 - 2006-11-02 15:01 - 00032522 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-15 11:54 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\LogFiles
2013-06-14 14:30 - 2012-01-16 22:04 - 00007494 ____A C:\Windows\PFRO.log
2013-06-14 03:29 - 2013-06-14 03:29 - 00178757 ____A C:\Users\pavel\AppData\Local\e433e0ea-2e44-488f-b3fa-c49c698ec3d7
2013-06-14 03:29 - 2013-06-14 03:29 - 00146432 ____A C:\Users\pavel\AppData\Local\Ylapdvx.exe
2013-06-14 02:35 - 2011-10-18 18:48 - 00000982 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2462045333-1167312747-2157866890-1000UA.job
2013-06-13 12:45 - 2011-10-18 18:48 - 00000960 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2462045333-1167312747-2157866890-1000Core.job
2013-06-13 05:28 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-06-13 05:02 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\sk-SK
2013-06-12 14:23 - 2011-11-10 04:25 - 00002395 ____A C:\Users\Public\Desktop\Skype.lnk
2013-06-12 12:32 - 2009-10-05 18:57 - 00055296 ____A C:\Users\pavel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-11 21:34 - 2012-04-22 18:27 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-11 21:34 - 2011-12-31 22:31 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-11 08:02 - 2009-06-04 18:38 - 00000000 ____D C:\Users\pavel\AppData\Local\Adobe
2013-06-09 19:36 - 2013-06-09 19:36 - 00016142 ____A C:\Users\pavel\Desktop\hs_err_pid1368.log
2013-06-07 20:11 - 2009-05-29 19:50 - 00000052 ____A C:\Windows\System32\DOErrors.log
2013-06-03 15:25 - 2012-06-25 14:30 - 00000000 ____D C:\Users\pavel\Desktop\FILMY
2013-06-03 15:17 - 2006-11-02 14:47 - 00289832 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-03 12:17 - 2010-03-01 18:58 - 00073128 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2013-06-02 17:21 - 2006-11-02 12:24 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-02 15:48 - 2013-06-02 18:29 - 01103360 ____A C:\Users\pavel\Desktop\TROPICKÝ PRALES.ppt
2013-06-02 11:30 - 2009-05-27 20:23 - 00007178 ____A C:\Users\pavel\AppData\Roaming\wklnhst.dat
2013-06-02 11:17 - 2009-05-27 18:56 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-02 11:17 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-02 11:16 - 2010-06-02 17:47 - 00000000 ____D C:\Program Files\MSECache
2013-06-02 10:58 - 2012-01-16 22:05 - 00015297 ____A C:\Windows\setupact.log
2013-05-31 19:45 - 2010-06-02 17:52 - 00000000 ____D C:\Users\pavel\Desktop\fotky
Files to move or delete:
====================
C:\ProgramData\nvModes.dat
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor {bootmgr}
device partition=C:
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {a9a772cd-33f5-11dd-8dd3-f60ab8d5cad9}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
resume No
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {572bcd55-ffa7-11d9-aae2-0007e994107d}
device ramdisk=[D:]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.exe
description HP Recovery Manager
osdevice ramdisk=[D:]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
nx OptIn
detecthal Yes
winpe Yes
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {current}
device partition=C:
path \Windows\system32\winload.exe
description Microsoft Windows Vista
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {572bcd55-ffa7-11d9-aae2-0007e994107d}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {a9a772cd-33f5-11dd-8dd3-f60ab8d5cad9}
nx OptIn
Obnovenˇ z hibernace
---------------------
identifik tor {a9a772cd-33f5-11dd-8dd3-f60ab8d5cad9}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No
Testov nˇ pamŘti syst‚mu Windows
---------------------
identifik tor {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostika pamŘti syst‚mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes
Nastavenˇ slu§by EMS
------------
identifik tor {emssettings}
bootems Yes
Nastavenˇ ladicˇho programu
-----------------
identifik tor {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Chyby pamŘti RAM
-----------
identifik tor {badmemory}
Glob lnˇ nastavenˇ
---------------
identifik tor {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Nastavenˇ spouçtŘcˇho zavadŘźe
--------------------
identifik tor {bootloadersettings}
inherit {globalsettings}
Nastavenˇ zavadŘźe obnovenˇ
----------------------
identifik tor {resumeloadersettings}
inherit {globalsettings}
Parametry instalaźnˇho disku RAM
---------------------
identifik tor {ramdiskoptions}
description Ramdisk Options
ramdisksdidevice partition=D:
ramdisksdipath \boot\boot.sdi
LastRegBack: 2013-06-21 19:20
==================== End Of Log ============================
Re: PČR opět v akci
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
HKLM\...\Run: [] [x] HKLM\...\Run: [Fe0uUA1mlrHyN] C:\Users\pavel\AppData\Local\Ylapdvx.exe [146432 2013-06-14] () HKU\pavel\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [ 2012-07-13] (Skype Technologies S.A.) HKU\pavel\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x] HKU\pavel\...\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4 [ 2011-03-01] (ICQ, LLC.) HKU\pavel\...\Run: [Facebook Update] "C:\Users\pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [ 2012-07-12] (Facebook Inc.) HKU\pavel\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-21] (Microsoft Corporation) HKU\pavel\...\Run: [Fe0uUA1mlrHyN] C:\Users\pavel\AppData\Local\Ylapdvx.exe [ 2013-06-14] () C:\Users\pavel\AppData\Local\Ylapdvx.exe HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb URLSearchHook: ATTENTION ==> Default URLSearchHook is missing. SearchScopes: HKLM - {89F0EFA3-627F-4666-B6B5-BA622E51008A} URL = http://slirsredirect.search.aol.com/sli ... 632&query={searchTerms}&invocationType=tb50hpcnnbie7-cs-cz SearchScopes: HKLM - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu.com/web?src=ieb&systemid=101&q={searchTerms} HKCU SearchScopes: DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll (Crawler, LLC) BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll () C:\Program Files\AOL\AOL Toolbar 5.0 C:\PROGRA~1\WI9130~1\ToolBar O: No Name - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.) BHO: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) C:\PROGRA~1\INBOXT~1 C:\Program Files\Ask.com BHO: BandooIEPlugin Class - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.) Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) Toolbar: HKLM - No Name - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No File Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.) Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File Toolbar: HKLM - PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM - Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll () Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.) S2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [247096 2011-02-28] () C:\Program Files\ICQ6Toolbar C:\Users\pavel\AppData\Local\e433e0ea-2e44-488f-b3fa-c49c698ec3d7 C:\ProgramData\nvModes.dat- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny log na flashku k FRST
Spustte znovu FRST.exe na tom poskozenem PC
- Kliknete na Fix
- Probehne oprava a na flash disku se vytvori log Fixlog.txt
Pokuste se nastartovat do bezneho rezimu"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: PČR opět v akci
Hotovo, nyní v běžněm jede, ale hodně pomalu
Re: PČR opět v akci
Poprosim o log z RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: PČR opět v akci
Logfile of random's system information tool 1.09 (written by random/random)
Run by pavel at 2013-06-22 22:18:19
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 181 GB (61%) free of 297 GB
Total RAM: 1790 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:52, on 22.6.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16490)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\pavel\Desktop\RSIT.exe
C:\Program Files\trend micro\pavel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - (no file)
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [FRST] "F:\\FRST.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FRST] "F:\\FRST.exe" (User 'Default user')
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\wi9130~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9150 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2462045333-1167312747-2157866890-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2462045333-1167312747-2157866890-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{72EAAE9A-2B44-41A7-B8B4-B613498E160D}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
C:\PROGRA~1\INBOXT~1\Inbox.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-30 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
C:\PROGRA~1\AVG\AVG9\avgtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2008-09-23 468264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteRanker]
C:\Program Files\SiteRanker\SiteRankTray.exe [2009-10-08 273920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-30 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall_CToolbar]
C:\Users\pavel\AppData\Local\Temp\CUninst.exe /remove []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]
C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\wi9130~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-06-22 06:34:35 ----A---- C:\ProgramData\nvModes.dat
2013-06-22 06:34:22 ----ASH---- C:\hiberfil.sys
2013-06-21 19:36:05 ----D---- C:\FRST
2013-06-21 19:07:35 ----D---- C:\Program Files\trend micro
2013-06-21 19:07:34 ----D---- C:\rsit
2013-06-20 12:30:02 ----SHD---- C:\Config.Msi
2013-06-20 11:41:41 ----D---- C:\174f0707abb25efe9f9b3014795fb3bb
2013-06-15 11:10:05 ----A---- C:\Windows\ntbtlog.txt
2013-06-13 03:06:41 ----A---- C:\Windows\system32\mshtmled.dll
2013-06-13 03:06:40 ----A---- C:\Windows\system32\vbscript.dll
2013-06-13 03:06:38 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-13 03:06:38 ----A---- C:\Windows\system32\ieUnatt.exe
2013-06-13 03:06:38 ----A---- C:\Windows\system32\ieui.dll
2013-06-13 03:06:37 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-13 03:06:36 ----A---- C:\Windows\system32\wininet.dll
2013-06-13 03:06:36 ----A---- C:\Windows\system32\jscript.dll
2013-06-13 03:06:35 ----A---- C:\Windows\system32\url.dll
2013-06-13 03:06:35 ----A---- C:\Windows\system32\jscript9.dll
2013-06-13 03:06:34 ----A---- C:\Windows\system32\iertutil.dll
2013-06-13 03:06:33 ----A---- C:\Windows\system32\urlmon.dll
2013-06-13 03:06:31 ----A---- C:\Windows\system32\ieframe.dll
2013-06-13 03:06:30 ----A---- C:\Windows\system32\mshtml.dll
2013-06-12 05:26:40 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-06-12 05:26:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 05:26:37 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 05:26:37 ----A---- C:\Windows\system32\printcom.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 05:26:34 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 05:26:29 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-06-12 05:26:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-06-12 05:25:45 ----A---- C:\Windows\system32\cryptdlg.dll
======List of files/folders modified in the last 1 month======
2013-06-22 22:18:31 ----D---- C:\Windows\Prefetch
2013-06-22 22:18:07 ----D---- C:\Windows\System32
2013-06-22 22:18:07 ----D---- C:\Windows\inf
2013-06-22 22:18:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-06-22 22:16:16 ----D---- C:\Windows\Temp
2013-06-22 22:14:51 ----D---- C:\Windows\Microsoft.NET
2013-06-22 06:40:43 ----SHD---- C:\System Volume Information
2013-06-22 06:34:35 ----HD---- C:\ProgramData
2013-06-22 06:33:23 ----RD---- C:\Program Files
2013-06-22 06:33:22 ----D---- C:\Program Files\Windows Searchqu Toolbar
2013-06-22 06:33:22 ----D---- C:\Program Files\Inbox Toolbar
2013-06-22 06:33:21 ----D---- C:\Program Files\AOL
2013-06-21 19:36:09 ----D---- C:\Windows
2013-06-20 12:32:16 ----SHD---- C:\Windows\Installer
2013-06-20 12:31:50 ----RSD---- C:\Windows\assembly
2013-06-15 12:15:36 ----D---- C:\Users\pavel\AppData\Roaming\Skype
2013-06-15 12:15:15 ----D---- C:\Users\pavel\AppData\Roaming\ICQ
2013-06-15 11:54:59 ----D---- C:\Windows\system32\LogFiles
2013-06-13 05:28:08 ----D---- C:\Windows\rescache
2013-06-13 05:02:55 ----D---- C:\Windows\system32\migration
2013-06-13 05:02:55 ----D---- C:\Windows\system32\drivers
2013-06-13 05:02:54 ----D---- C:\Program Files\Internet Explorer
2013-06-13 05:02:52 ----D---- C:\Windows\system32\sk-SK
2013-06-13 05:02:52 ----D---- C:\Windows\system32\en-US
2013-06-13 05:02:52 ----D---- C:\Windows\system32\cs-CZ
2013-06-13 03:07:40 ----D---- C:\Windows\winsxs
2013-06-13 03:07:13 ----D---- C:\Windows\system32\catroot
2013-06-13 03:07:12 ----D---- C:\Windows\system32\catroot2
2013-06-11 21:34:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-06-02 17:21:30 ----A---- C:\Windows\system32\mrt.exe
2013-06-02 11:17:42 ----D---- C:\Program Files\Microsoft Office
2013-06-02 11:17:41 ----RSD---- C:\Windows\Fonts
2013-06-02 11:17:24 ----D---- C:\Program Files\Common Files\microsoft shared
2013-06-02 11:16:09 ----D---- C:\Program Files\MSECache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-06-05 222208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-25 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-09-19 61952]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-12-13 102784]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2008-12-30 103040]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2011-01-13 1960336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-09-15 241734]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-05 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11 256904]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-05 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-19 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 553440]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-06-08 153808]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-06-21 435008]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Run by pavel at 2013-06-22 22:18:19
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 181 GB (61%) free of 297 GB
Total RAM: 1790 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:52, on 22.6.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16490)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\pavel\Desktop\RSIT.exe
C:\Program Files\trend micro\pavel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - (no file)
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [FRST] "F:\\FRST.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FRST] "F:\\FRST.exe" (User 'Default user')
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\wi9130~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9150 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2462045333-1167312747-2157866890-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2462045333-1167312747-2157866890-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{72EAAE9A-2B44-41A7-B8B4-B613498E160D}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
C:\PROGRA~1\INBOXT~1\Inbox.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-30 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
C:\PROGRA~1\AVG\AVG9\avgtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2008-09-23 468264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteRanker]
C:\Program Files\SiteRanker\SiteRankTray.exe [2009-10-08 273920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-30 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall_CToolbar]
C:\Users\pavel\AppData\Local\Temp\CUninst.exe /remove []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]
C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\wi9130~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-06-22 06:34:35 ----A---- C:\ProgramData\nvModes.dat
2013-06-22 06:34:22 ----ASH---- C:\hiberfil.sys
2013-06-21 19:36:05 ----D---- C:\FRST
2013-06-21 19:07:35 ----D---- C:\Program Files\trend micro
2013-06-21 19:07:34 ----D---- C:\rsit
2013-06-20 12:30:02 ----SHD---- C:\Config.Msi
2013-06-20 11:41:41 ----D---- C:\174f0707abb25efe9f9b3014795fb3bb
2013-06-15 11:10:05 ----A---- C:\Windows\ntbtlog.txt
2013-06-13 03:06:41 ----A---- C:\Windows\system32\mshtmled.dll
2013-06-13 03:06:40 ----A---- C:\Windows\system32\vbscript.dll
2013-06-13 03:06:38 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-13 03:06:38 ----A---- C:\Windows\system32\ieUnatt.exe
2013-06-13 03:06:38 ----A---- C:\Windows\system32\ieui.dll
2013-06-13 03:06:37 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-13 03:06:36 ----A---- C:\Windows\system32\wininet.dll
2013-06-13 03:06:36 ----A---- C:\Windows\system32\jscript.dll
2013-06-13 03:06:35 ----A---- C:\Windows\system32\url.dll
2013-06-13 03:06:35 ----A---- C:\Windows\system32\jscript9.dll
2013-06-13 03:06:34 ----A---- C:\Windows\system32\iertutil.dll
2013-06-13 03:06:33 ----A---- C:\Windows\system32\urlmon.dll
2013-06-13 03:06:31 ----A---- C:\Windows\system32\ieframe.dll
2013-06-13 03:06:30 ----A---- C:\Windows\system32\mshtml.dll
2013-06-12 05:26:40 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-06-12 05:26:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 05:26:37 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 05:26:37 ----A---- C:\Windows\system32\printcom.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 05:26:34 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 05:26:34 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 05:26:29 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-06-12 05:26:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-06-12 05:25:45 ----A---- C:\Windows\system32\cryptdlg.dll
======List of files/folders modified in the last 1 month======
2013-06-22 22:18:31 ----D---- C:\Windows\Prefetch
2013-06-22 22:18:07 ----D---- C:\Windows\System32
2013-06-22 22:18:07 ----D---- C:\Windows\inf
2013-06-22 22:18:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-06-22 22:16:16 ----D---- C:\Windows\Temp
2013-06-22 22:14:51 ----D---- C:\Windows\Microsoft.NET
2013-06-22 06:40:43 ----SHD---- C:\System Volume Information
2013-06-22 06:34:35 ----HD---- C:\ProgramData
2013-06-22 06:33:23 ----RD---- C:\Program Files
2013-06-22 06:33:22 ----D---- C:\Program Files\Windows Searchqu Toolbar
2013-06-22 06:33:22 ----D---- C:\Program Files\Inbox Toolbar
2013-06-22 06:33:21 ----D---- C:\Program Files\AOL
2013-06-21 19:36:09 ----D---- C:\Windows
2013-06-20 12:32:16 ----SHD---- C:\Windows\Installer
2013-06-20 12:31:50 ----RSD---- C:\Windows\assembly
2013-06-15 12:15:36 ----D---- C:\Users\pavel\AppData\Roaming\Skype
2013-06-15 12:15:15 ----D---- C:\Users\pavel\AppData\Roaming\ICQ
2013-06-15 11:54:59 ----D---- C:\Windows\system32\LogFiles
2013-06-13 05:28:08 ----D---- C:\Windows\rescache
2013-06-13 05:02:55 ----D---- C:\Windows\system32\migration
2013-06-13 05:02:55 ----D---- C:\Windows\system32\drivers
2013-06-13 05:02:54 ----D---- C:\Program Files\Internet Explorer
2013-06-13 05:02:52 ----D---- C:\Windows\system32\sk-SK
2013-06-13 05:02:52 ----D---- C:\Windows\system32\en-US
2013-06-13 05:02:52 ----D---- C:\Windows\system32\cs-CZ
2013-06-13 03:07:40 ----D---- C:\Windows\winsxs
2013-06-13 03:07:13 ----D---- C:\Windows\system32\catroot
2013-06-13 03:07:12 ----D---- C:\Windows\system32\catroot2
2013-06-11 21:34:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-06-02 17:21:30 ----A---- C:\Windows\system32\mrt.exe
2013-06-02 11:17:42 ----D---- C:\Program Files\Microsoft Office
2013-06-02 11:17:41 ----RSD---- C:\Windows\Fonts
2013-06-02 11:17:24 ----D---- C:\Program Files\Common Files\microsoft shared
2013-06-02 11:16:09 ----D---- C:\Program Files\MSECache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-06-05 222208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-25 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-09-19 61952]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-12-13 102784]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2008-12-30 103040]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2011-01-13 1960336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-09-15 241734]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-05 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11 256904]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-05 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-19 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 553440]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-06-08 153808]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-06-21 435008]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Re: PČR opět v akci
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Prohledat
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: PČR opět v akci
Tak první log, druhý za minutku
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by pavel on ne 23.06.2013 at 20:00:54,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bandoo
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\inbox toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\inbox toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchqumediabartb
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\bandoocoordinator.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\bandoocore.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\flashanimator.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\gifanimator.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\icq service.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\ieplugin.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.bandoocoordinator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.bandoocoordinator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.coordinatorui
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.coordinatorui.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.httpasyncresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.httpasyncresult.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.pluginnotifier
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.pluginnotifier.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.bandoocore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.bandoocore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.resourcesmngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.resourcesmngr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.settingsmngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.settingsmngr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.statisticmngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.statisticmngr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandooieplugin.bandooieplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandooieplugin.bandooieplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bflashanimator.bflashanimatorctrl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bflashanimator.bflashanimatorctrl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bgifanimator.bgifanimatorctrl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bgifanimator.bgifanimatorctrl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4client
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4script
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4server
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\explorerbar.funexplorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\explorerbar.funexplorer.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\askbardis"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\asktoolbarinfo"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0cfe535c35f99574e8340bfa75bf92c2"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\261f213d1f55267499b1f87d0cc3bcf7"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\741b4adf27276464790022c965ab6da8"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\7de196b10195f5647a2b21b761f3de01"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\9d4f5849367142e4685ed8c25e44c5ed"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a5875b04372c19545beb90d4d606c472"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a876d9e80b896ec44a8620248cc79296"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\b66ffab725b92594c986de826a867888"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\a28b4d68debaa244eb686953b7074fef"
~~~ Files
Successfully deleted: [File] "C:\Windows\system32\turegopt.exe"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\bandoo"
Successfully deleted: [Folder] "C:\Users\pavel\AppData\Roaming\bandoo"
Successfully deleted: [Folder] "C:\Users\pavel\appdata\locallow\inbox toolbar"
Successfully deleted: [Folder] "C:\Users\pavel\appdata\locallow\media access startup"
Successfully deleted: [Folder] "C:\Users\pavel\appdata\locallow\searchqutb"
Successfully deleted: [Folder] "C:\Users\pavel\appdata\locallow\siteranker"
Successfully deleted: [Folder] "C:\Program Files\bandoo"
Successfully deleted: [Folder] "C:\Program Files\crawler"
Successfully deleted: [Folder] "C:\Program Files\inbox toolbar"
Successfully deleted: [Folder] "C:\Program Files\media access startup"
Successfully deleted: [Folder] "C:\Program Files\siteranker"
Successfully deleted: [Folder] "C:\Program Files\windows searchqu toolbar"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bandoo"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\inbox toolbar"
Successfully deleted: [Empty Folder] C:\Users\pavel\appdata\local\{8BBE2718-19E7-4AF0-89EE-CE74F2A6E46C}
Successfully deleted: [Folder] "C:\Users\pavel\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 23.06.2013 at 20:03:24,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by pavel on ne 23.06.2013 at 20:00:54,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bandoo
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\inbox toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\inbox toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchqumediabartb
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\bandoocoordinator.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\bandoocore.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\flashanimator.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\gifanimator.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\icq service.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\ieplugin.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.bandoocoordinator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.bandoocoordinator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.coordinatorui
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.coordinatorui.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.httpasyncresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.httpasyncresult.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.pluginnotifier
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocoordinator.pluginnotifier.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.bandoocore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.bandoocore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.resourcesmngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.resourcesmngr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.settingsmngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.settingsmngr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.statisticmngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.statisticmngr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandooieplugin.bandooieplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandooieplugin.bandooieplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bflashanimator.bflashanimatorctrl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bflashanimator.bflashanimatorctrl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bgifanimator.bgifanimatorctrl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bgifanimator.bgifanimatorctrl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4client
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4script
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\cshared.tb4server
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\explorerbar.funexplorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\explorerbar.funexplorer.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\askbardis"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\asktoolbarinfo"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0cfe535c35f99574e8340bfa75bf92c2"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\261f213d1f55267499b1f87d0cc3bcf7"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\741b4adf27276464790022c965ab6da8"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\7de196b10195f5647a2b21b761f3de01"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\9d4f5849367142e4685ed8c25e44c5ed"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a5875b04372c19545beb90d4d606c472"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a876d9e80b896ec44a8620248cc79296"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\b66ffab725b92594c986de826a867888"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\a28b4d68debaa244eb686953b7074fef"
~~~ Files
Successfully deleted: [File] "C:\Windows\system32\turegopt.exe"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\bandoo"
Successfully deleted: [Folder] "C:\Users\pavel\AppData\Roaming\bandoo"
Successfully deleted: [Folder] "C:\Users\pavel\appdata\locallow\inbox toolbar"
Successfully deleted: [Folder] "C:\Users\pavel\appdata\locallow\media access startup"
Successfully deleted: [Folder] "C:\Users\pavel\appdata\locallow\searchqutb"
Successfully deleted: [Folder] "C:\Users\pavel\appdata\locallow\siteranker"
Successfully deleted: [Folder] "C:\Program Files\bandoo"
Successfully deleted: [Folder] "C:\Program Files\crawler"
Successfully deleted: [Folder] "C:\Program Files\inbox toolbar"
Successfully deleted: [Folder] "C:\Program Files\media access startup"
Successfully deleted: [Folder] "C:\Program Files\siteranker"
Successfully deleted: [Folder] "C:\Program Files\windows searchqu toolbar"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bandoo"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\inbox toolbar"
Successfully deleted: [Empty Folder] C:\Users\pavel\appdata\local\{8BBE2718-19E7-4AF0-89EE-CE74F2A6E46C}
Successfully deleted: [Folder] "C:\Users\pavel\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 23.06.2013 at 20:03:24,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: PČR opět v akci
# AdwCleaner v2.303 - Log vytvooen 23/06/2013 v 20:05:46
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Uživatel : pavel - PAVEL-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\pavel\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
Nalezeno : Bandoo Coordinator
***** [Soubory / Složky] *****
Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Klíe Nalezeno : HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Media Access Startup
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\searchqutb
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Klíe Nalezeno : HKLM\Software\Media Access Startup
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F84D69AA-3E20-4305-984E-18E640D7F7FF}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Klíe Nalezeno : HKU\S-1-5-21-2462045333-1167312747-2157866890-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16490
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms}
-\\ Google Chrome v12.0.742.91
Soubor : C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [10157 octets] - [23/06/2013 20:05:46]
########## EOF - C:\AdwCleaner[R1].txt - [10218 octets] ##########
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Uživatel : pavel - PAVEL-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\pavel\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
Nalezeno : Bandoo Coordinator
***** [Soubory / Složky] *****
Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Klíe Nalezeno : HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Media Access Startup
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\searchqutb
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Klíe Nalezeno : HKLM\Software\Media Access Startup
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F84D69AA-3E20-4305-984E-18E640D7F7FF}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Klíe Nalezeno : HKU\S-1-5-21-2462045333-1167312747-2157866890-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16490
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms}
-\\ Google Chrome v12.0.742.91
Soubor : C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [10157 octets] - [23/06/2013 20:05:46]
########## EOF - C:\AdwCleaner[R1].txt - [10218 octets] ##########
Re: PČR opět v akci
Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Smazat
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: PČR opět v akci
# AdwCleaner v2.303 - Log vytvooen 23/06/2013 v 20:11:39
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Uživatel : pavel - PAVEL-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\pavel\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
Zastaveno & vymazáno : Bandoo Coordinator
***** [Soubory / Složky] *****
Složka Vymazáno : C:\ProgramData\ICQ\ICQToolbar
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Klíe Vymazáno : HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Media Access Startup
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\searchqutb
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Klíe Vymazáno : HKLM\Software\Media Access Startup
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F84D69AA-3E20-4305-984E-18E640D7F7FF}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16490
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms} --> hxxp://www.google.com
-\\ Google Chrome v12.0.742.91
Soubor : C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [10288 octets] - [23/06/2013 20:05:46]
AdwCleaner[S1].txt - [9984 octets] - [23/06/2013 20:11:39]
########## EOF - C:\AdwCleaner[S1].txt - [10044 octets] ##########
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Uživatel : pavel - PAVEL-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\pavel\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
Zastaveno & vymazáno : Bandoo Coordinator
***** [Soubory / Složky] *****
Složka Vymazáno : C:\ProgramData\ICQ\ICQToolbar
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Klíe Vymazáno : HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Media Access Startup
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\searchqutb
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Klíe Vymazáno : HKLM\Software\Media Access Startup
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F84D69AA-3E20-4305-984E-18E640D7F7FF}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16490
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms} --> hxxp://www.google.com
-\\ Google Chrome v12.0.742.91
Soubor : C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [10288 octets] - [23/06/2013 20:05:46]
AdwCleaner[S1].txt - [9984 octets] - [23/06/2013 20:11:39]
########## EOF - C:\AdwCleaner[S1].txt - [10044 octets] ##########
Re: PČR opět v akci
Stahnete Farbar Service Scanner http://download.bleepingcomputer.com/farbar/FSS.exe
- Ulozte nejlepe na Plochu
- U vsech polozek udelejte zatrzitko (tim je oznacite pro skenovani)
- Kliknete na Scan
- Po dokonceni skenu se objevi log FSS.txt ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: PČR opět v akci
Farbar Service Scanner Version: 16-06-2013
Ran by pavel (administrator) on 23-06-2013 at 20:25:12
Running from "C:\Users\pavel\Desktop"
Windows Vista (TM) Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-06-12 05:26] - [2013-05-08 05:40] - 0914792 ____A (Microsoft Corporation) 078218D74C4EFC2CE7E4C6DF22A94F2F
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2013-06-12 05:26] - [2013-04-24 06:00] - 0133120 ____A (Microsoft Corporation) 3EDE4C1F9672C972479201544969ADCB
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
**** End of log ****
Ran by pavel (administrator) on 23-06-2013 at 20:25:12
Running from "C:\Users\pavel\Desktop"
Windows Vista (TM) Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-06-12 05:26] - [2013-05-08 05:40] - 0914792 ____A (Microsoft Corporation) 078218D74C4EFC2CE7E4C6DF22A94F2F
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2013-06-12 05:26] - [2013-04-24 06:00] - 0133120 ____A (Microsoft Corporation) 3EDE4C1F9672C972479201544969ADCB
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
**** End of log ****
Re: PČR opět v akci
Stahnete Service Repair http://kb.eset.com/library/ESET/KB%20Te ... Repair.exe
- Ulozte nejlepe na Plochu
- Spustte a potvrdte Yes abyste potvrdil reinstalaci sluzeb
- Nasledne kliknutim na Yes potvrdte restart PC
- Na Plose vznikne slozka CC Support, najdete tam log SvcRepair.txt - mel by byt CC Support\Logs\SvcRepair.txt - vlozte mi jej sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?