
Please check my RSIT log

ikvido
Visitor
Posts: 4
Registered: 13 Feb 2008 13:30

#1 Post by ikvido »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Petr at 2010-11-07 22:55:29
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 139 GB (68%) free of 205 GB
Total RAM: 2047 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:46, on 7.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Ashampoo\Ashampoo Snap 3\ashsnap.exe
C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenshotReader.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\Microsoft Office\Office\1029\msoffice.exe
C:\Users\Petr Marek\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Users\PETRMA~1\AppData\Local\Temp\mexe.com
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Petr Marek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.radiosamson.cz/play/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPPQVideo] "C:\Program Files (x86)\HP\ScheduledLaunch\HP LaserJet P2050 Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\LJ_P2050_Series -f PQOptimizerVideo.xml -o RemindLater
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [ABBYY Screenshot Reader Retail] "C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenShotReader.exe" -autorun
O4 - HKLM\..\Run: [KiesTrayAgent] "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKCU\..\Run: [Clipboard Recorder] "C:\Program Files (x86)\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe" -startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ABBYY Screenshot Reader Retail] "C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenshotReader.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Petr Marek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 3\ashsnap.exe
O4 - Startup: Acronis True Image Home 11.0.lnk = C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe
O4 - Startup: Panel zástupců Microsoft Office.lnk = ?
O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = ?
O4 - Global Startup: PhraseExpress.lnk = C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O15 - Trusted Zone: http://www.ppl.cz
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/59.10/uploader2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ABBYY.Licensing.FineReader.ScreenshotReader.9.0 - ABBYY (BIT Software) - C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lokátor vzdáleného volání procedur (RPC) (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vtigercrm504 - Apache Software Foundation - C:\Program Files (x86)\vtigercrm5\apache\bin\Apache.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10735 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
Ati2evxx.exe -Client
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\aawservice.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {3CBB3F5D-5D29-41B4-90D4-E7702A5CB43C}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {9689EF43-38FF-490C-B2E1-21B00F05C629}
"C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" /rep_new
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\dgdersvc.exe
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe" -s
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\locator.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\vtigercrm5\apache\bin\Apache.exe" -k runservice
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2916
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\vtigercrm5\apache\bin\Apache.exe" -d "C:/Program Files (x86)/vtigercrm5/apache" -f conf\httpd.conf
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Windows\RAVCpl64.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe" -startup
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files (x86)\Ashampoo\Ashampoo Snap 3\ashsnap.exe"
"C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe" -addrun="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
"C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE"
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenshotReader.exe" -autorun
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\conime.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Trillian\trillian.exe"
"C:\Program Files (x86)\Microsoft Office\Office\1029\msoffice.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
"C:\Users\Petr Marek\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe" -s
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\PETRMA~1\AppData\Local\Temp\mexe.com"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 640 644 652 65536 648
"C:\Users\Petr Marek\Desktop\AntiSpyware\RSIT\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1132914684-4041508721-3535525902-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1132914684-4041508721-3535525902-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{74A6CB03-B0B9-4780-9FDA-3382EFACC3A2}.job
C:\Windows\tasks\vtigerCRM Email Reminder.job
C:\Windows\tasks\vtigerCRM Notification Scheduler.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-10-27 398512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll [2010-10-27 317496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-27 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-27 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-10-13 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-10-27 398512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-27 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2007-04-23 5071360]
"Skytel"=C:\Windows\Skytel.exe [2007-04-13 1822720]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-10-07 1923640]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe [2009-11-26 361976]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2009-11-26 390600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DW4"= []
"Clipboard Recorder"=C:\Program Files (x86)\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe [2007-07-09 1843200]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 138240]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-05 39408]
"ABBYY Screenshot Reader Retail"=C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenshotReader.exe [2008-12-09 959776]
"Google Update"=C:\Users\Petr Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-18 136176]
"AshSnap"=C:\Program Files (x86)\Ashampoo\Ashampoo Snap 3\ashsnap.exe [2010-03-18 1243472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2007-10-10 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr Marek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Reminder-cor40212.lnk]
C:\PROGRA~2\Corel\GRAPHI~1\Register\Remind32.exe [1998-07-23 67584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"HPPQVideo"=C:\Program Files (x86)\HP\ScheduledLaunch\HP LaserJet P2050 Series\bin\hppschlnch.exe [2007-05-07 106496]
"ToolBoxFX"=C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe [2008-08-25 53248]
""= []
"HPUsageTracking"=C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2008-09-02 36864]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-11-26 5129128]
"ABBYY Screenshot Reader Retail"=C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenShotReader.exe [2008-12-09 959776]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2010-08-16 3367224]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"BtTray"=C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk -
PhraseExpress.lnk - C:\Program Files (x86)\PhraseExpress\phraseexpress.exe

C:\Users\Petr Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Acronis True Image Home 11.0.lnk - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe
Panel zástupců Microsoft Office.lnk - C:\Windows\Installer\{00000405-78E1-11D2-B60F-006097C998E7}\misc.exe
Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktopChanges"=1
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-07 22:55:30 ----D---- C:\Program Files\trend micro
2010-11-07 22:45:31 ----AD---- C:\Windows\rundll16.exe
2010-11-07 22:45:31 ----AD---- C:\Windows\logo1_.exe
2010-11-07 20:06:01 ----AD---- C:\Windows\VDLL.DLL
2010-11-07 20:06:01 ----AD---- C:\Windows\SYSWOW64\runouce.exe
2010-11-07 20:06:01 ----AD---- C:\Windows\RUNDL132.EXE
2010-11-07 20:06:01 ----AD---- C:\Windows\logo_1.exe
2010-11-07 19:57:34 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2010-11-07 19:57:33 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2010-11-07 19:57:32 ----A---- C:\Windows\SYSWOW64\eEmpty.exe
2010-11-07 19:57:24 ----D---- C:\ProgramData\MicroWorld
2010-11-06 18:44:57 ----D---- C:\ProgramData\Elaborate Bytes
2010-11-06 12:29:56 ----A---- C:\Users\Petr Marek\AppData\Roaming\AutoGK.ini
2010-11-06 11:17:07 ----D---- C:\Program Files (x86)\XviD
2010-11-06 11:16:52 ----D---- C:\Program Files (x86)\AviSynth 2.5
2010-11-06 11:15:03 ----D---- C:\Program Files (x86)\Gabest
2010-11-06 11:14:21 ----D---- C:\Program Files (x86)\AutoGK_Ripování DVD - DVD to AVI
2010-11-06 09:55:11 ----D---- C:\Program Files (x86)\CDex
2010-11-06 09:54:23 ----A---- C:\Windows\cdplayer.ini
2010-11-01 08:45:32 ----D---- C:\Windows\cs
2010-11-01 08:44:04 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2010-11-01 08:42:39 ----D---- C:\Program Files (x86)\Windows Live
2010-11-01 08:42:34 ----D---- C:\Windows\PCHEALTH
2010-11-01 08:42:02 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2010-11-01 08:42:02 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-11-01 08:42:02 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2010-11-01 08:42:02 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-11-01 08:41:37 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2010-11-01 08:41:37 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-10-27 05:57:22 ----A---- C:\Windows\system32\gameux.dll
2010-10-27 05:57:21 ----A---- C:\Windows\SYSWOW64\gameux.dll
2010-10-27 05:57:14 ----A---- C:\Windows\SYSWOW64\Apphlpdm.dll
2010-10-27 05:57:14 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-10-27 05:57:13 ----A---- C:\Windows\SYSWOW64\GameUXLegacyGDFs.dll
2010-10-27 05:57:12 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-26 10:25:47 ----D---- C:\Program Files\CDBurnerXP
2010-10-23 13:21:54 ----HD---- C:\Windows\msdownld.tmp
2010-10-13 21:13:54 ----D---- C:\ProgramData\Sun
2010-10-13 21:13:34 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-10-13 21:13:34 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-10-13 21:13:34 ----A---- C:\Windows\SYSWOW64\java.exe
2010-10-13 21:13:34 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2010-10-13 20:17:42 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-10-13 20:17:42 ----A---- C:\Windows\system32\ole32.dll
2010-10-13 20:17:39 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-10-13 20:17:39 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-10-13 20:17:38 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-10-13 20:17:38 ----A---- C:\Windows\system32\t2embed.dll
2010-10-13 20:17:35 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-10-13 20:17:35 ----A---- C:\Windows\system32\comctl32.dll
2010-10-13 20:17:33 ----A---- C:\Windows\SYSWOW64\msshsq.dll
2010-10-13 20:17:33 ----A---- C:\Windows\system32\msshsq.dll
2010-10-13 20:17:31 ----A---- C:\Windows\system32\win32k.sys
2010-10-13 20:17:27 ----A---- C:\Windows\system32\mshtml.dll
2010-10-13 20:17:26 ----A---- C:\Windows\system32\ieframe.dll
2010-10-13 20:17:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-10-13 20:17:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-10-13 20:17:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-10-13 20:17:21 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-10-13 20:17:21 ----A---- C:\Windows\system32\wininet.dll
2010-10-13 20:17:21 ----A---- C:\Windows\system32\urlmon.dll
2010-10-13 20:17:21 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-13 20:17:21 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-13 20:17:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-10-13 20:17:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-10-13 20:17:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-10-13 20:17:20 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-13 20:17:20 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-13 20:17:19 ----A---- C:\Windows\system32\occache.dll
2010-10-13 20:17:19 ----A---- C:\Windows\system32\mstime.dll
2010-10-13 20:17:19 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-13 20:17:19 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-13 20:17:19 ----A---- C:\Windows\system32\ieui.dll
2010-10-13 20:17:19 ----A---- C:\Windows\system32\iesetup.dll
2010-10-13 20:17:19 ----A---- C:\Windows\system32\iertutil.dll
2010-10-13 20:17:19 ----A---- C:\Windows\system32\iernonce.dll
2010-10-13 20:17:19 ----A---- C:\Windows\system32\iepeers.dll
2010-10-13 20:17:18 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-10-13 20:17:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\occache.dll
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-10-13 20:17:17 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2010-10-13 20:17:17 ----A---- C:\Windows\system32\ieUnatt.exe
2010-10-13 20:17:17 ----A---- C:\Windows\system32\iesysprep.dll
2010-10-13 20:17:17 ----A---- C:\Windows\system32\ie4uinit.exe
2010-10-13 20:17:16 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-10-13 20:17:16 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-13 20:17:03 ----A---- C:\Windows\system32\wmp.dll
2010-10-13 20:17:01 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-10-13 20:16:56 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-10-13 20:16:55 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-13 20:16:24 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-13 20:16:24 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-13 20:16:24 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-13 20:16:23 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-10-13 20:16:23 ----A---- C:\Windows\system32\sscore.dll
2010-10-13 20:16:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-13 20:16:22 ----A---- C:\Windows\SYSWOW64\netevent.dll
2010-10-13 20:16:22 ----A---- C:\Windows\system32\netevent.dll
2010-10-13 20:15:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-10-13 20:15:57 ----A---- C:\Windows\system32\schannel.dll
2010-10-13 20:15:54 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-10-13 20:15:53 ----A---- C:\Windows\system32\wmpmde.dll

======List of files/folders modified in the last 1 months======

2010-11-07 22:55:46 ----D---- C:\Windows\Prefetch
2010-11-07 22:55:44 ----D---- C:\Windows\Temp
2010-11-07 22:55:30 ----RD---- C:\Program Files
2010-11-07 22:45:31 ----D---- C:\Windows
2010-11-07 22:34:58 ----D---- C:\Windows\System32
2010-11-07 22:34:57 ----D---- C:\Windows\inf
2010-11-07 22:34:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-07 22:32:12 ----D---- C:\Program Files (x86)\Trillian
2010-11-07 20:13:08 ----D---- C:\Users\Petr Marek\AppData\Roaming\IDOS
2010-11-07 20:06:01 ----D---- C:\Windows\SysWOW64
2010-11-07 20:05:47 ----D---- C:\zaloha
2010-11-07 19:59:27 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-11-07 19:59:27 ----D---- C:\Program Files (x86)\Winamp
2010-11-07 19:58:48 ----D---- C:\Windows\Minidump
2010-11-07 19:58:48 ----D---- C:\Windows\Debug
2010-11-07 19:57:27 ----D---- C:\Program Files (x86)\Common Files
2010-11-07 19:57:24 ----HD---- C:\ProgramData
2010-11-07 19:53:56 ----D---- C:\Program Files (x86)\CCleaner
2010-11-07 19:51:51 ----SHD---- C:\System Volume Information
2010-11-07 14:12:57 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2010-11-07 13:35:45 ----D---- C:\aaa
2010-11-07 12:07:50 ----D---- C:\Windows\system32\LogFiles
2010-11-07 08:12:49 ----D---- C:\Windows\SYSWOW64\drivers
2010-11-07 08:12:49 ----D---- C:\Windows\system32\drivers
2010-11-07 08:12:44 ----D---- C:\Program Files (x86)\Elaborate Bytes
2010-11-07 08:00:59 ----SHD---- C:\Windows\Installer
2010-11-07 08:00:47 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-07 07:53:27 ----RD---- C:\Program Files (x86)
2010-11-06 21:14:09 ----D---- C:\ProgramData\DVD Shrink
2010-11-01 08:44:07 ----RSD---- C:\Windows\assembly
2010-11-01 08:43:14 ----SD---- C:\ProgramData\Microsoft
2010-11-01 08:43:12 ----RSD---- C:\Windows\Fonts
2010-11-01 08:42:46 ----D---- C:\Windows\winsxs
2010-11-01 08:42:34 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-11-01 08:41:09 ----D---- C:\Windows\system32\catroot2
2010-11-01 08:41:09 ----D---- C:\Windows\Logs
2010-10-28 10:19:28 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2010-10-28 06:52:18 ----D---- C:\Windows\AppPatch
2010-10-27 05:43:01 ----D---- C:\Windows\system32\catroot
2010-10-23 15:01:47 ----D---- C:\Users\Petr Marek\AppData\Roaming\dvdcss
2010-10-22 12:08:27 ----D---- C:\Program Files (x86)\Ashampoo
2010-10-20 07:59:33 ----D---- C:\Program Files (x86)\MOBILedit!4
2010-10-20 07:56:29 ----D---- C:\Users\Petr Marek\AppData\Roaming\MOBILedit
2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-16 07:43:56 ----D---- C:\Program Files (x86)\Opera
2010-10-14 08:01:14 ----D---- C:\Windows\rescache
2010-10-14 07:34:07 ----D---- C:\Program Files (x86)\Internet Explorer
2010-10-14 07:34:06 ----D---- C:\Windows\SYSWOW64\migration
2010-10-14 07:34:06 ----D---- C:\Program Files\Internet Explorer
2010-10-14 07:34:04 ----D---- C:\Windows\system32\migration
2010-10-14 07:34:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-10-14 07:34:03 ----D---- C:\Windows\system32\cs-CZ
2010-10-14 07:34:03 ----D---- C:\Program Files\Windows Media Player
2010-10-14 07:34:03 ----D---- C:\Program Files (x86)\Windows Media Player
2010-10-14 07:09:43 ----A---- C:\Windows\system32\mrt.exe
2010-10-13 21:12:53 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2007-07-03 129056]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-01-24 257120]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2007-10-29 845560]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\Windows\system32\DRIVERS\tdrpm258.sys [2010-01-24 1477728]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-01-24 943712]
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2009-10-07 54232]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 32712]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2009-10-07 68616]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2009-10-07 44944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-10-07 82536]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 119296]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2009-12-05 81952]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2010-01-24 251488]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-05-18 3134976]
R3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2010-07-30 20552]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 14032]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-10-07 33608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2007-04-23 1072928]
R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 27648]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx64.sys [2007-05-03 1487784]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2009-11-16 271360]
S1 fwdrv;Firewall Driver; C:\Windows\system32\drivers\fwdrv.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 145408]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 42496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 gwiopm;gwiopm; \??\C:\Program Files (x86)\My Drivers\gwiopm.sys [1998-06-03 3904]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 HPFXBULK;HPFXBULK; C:\Windows\system32\drivers\hpfx64bulk.sys [2007-07-16 20504]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 7936]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-05-18 3134976]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 11264]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2010-07-20 125416]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2010-07-20 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2010-07-20 159208]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 5504]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-05-25 16392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 19456]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 41984]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 168704]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 151656]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-04-11 36864]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-19 22528]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 108544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-01-12 587096]
R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0;ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe [2008-10-27 759072]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-11-26 904168]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-01-24 2480048]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-05-18 775168]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 dgdersvc;Device Error Recovery Service; C:\Windows\system32\dgdersvc.exe [2010-07-30 119632]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-10-07 472280]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe [2008-12-11 81920]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2007-10-12 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 vtigercrm504;vtigercrm504; C:\Program Files (x86)\vtigercrm5\apache\bin\Apache.exe [2004-09-23 20541]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe [2008-12-11 2043904]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-05 135664]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-10-03 72704]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-10-07 23296]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-05 182768]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S4 KPF4;Kerio Personal Firewall 4; C:\Program Files (x86)\Kerio\Personal Firewall 4\kpf4ss.exe [2005-03-23 1941504]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check my RSIT log

#2 Post by Roli »

Hello, I don't see anything wrong; just uninstall Spybot SD, which is already past its prime.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Re: Please check my RSIT log

#3 Post by ikvido »

Roli wrote: just uninstall Spybot SD, which is already past its prime.
I use Spybot's resident module to check whether any application is trying to write information to the registry.
What else do you recommend for spyware checking?

Re: Please check my RSIT log

#4 Post by Roli »

For an occasional scan, SuperAntiSpy is enough; a resident shield isn't really necessary, since you have ESET Smart Security there.

Re: Please check my RSIT log

#5 Post by ikvido »

ESET Smart Security does NOT report attempts to write to the registry.
That is exactly what Spybot's resident module does. It has paid off for me many times.

Do you think it is worth buying the professional version of SUPERAntiSpyware with the resident shield?
Does it report attempts to write to the registry?
Antispyware software development moves so fast that it's probably hard to say, isn't it?
A completely new program could appear within a month.

I used to have SuperAntiSpy installed, but it mostly found nothing when scanning.
Spybot found more.

What is the basis for judging that Spybot is past its prime?

Re: Please check my RSIT log

#6 Post by Roli »

Yes, I know ESET doesn't report that, but it is fairly good protection.

SAS isn't worth buying; rather use Spyware Terminator if you want this kind of protection.

Spybot-SD, like Ad-Aware, is no longer what it used to be; verified in practice.

Re: Please check my RSIT log

#7 Post by ikvido »

Yes, thanks for the info.
Could you also recommend something for ROOTKITS, please?
a) detection
b) resident protection

Re: Please check my RSIT log

#8 Post by Roli »

Well, with rootkits it's not that simple.

Some are caught by a regular antivirus, but I'm not aware of a dedicated anti-rootkit with resident protection.

There are some scanning tools, such as Panda Anti Rootkit or Sophos Anti Rootkit.

Then there are special utilities whose logs we check here.
