dobrý den prosím o kontrolu logu mam problem ze muj Lap top nemá takový výkon jaký by měl mít
Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2011-03-09 10:01:39
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 9 GB (6%) free of 152 GB
Total RAM: 2046 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:02:37, on 9.3.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Users\user\Downloads\RSIT.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBit1.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBit1.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {90222687-F593-4738-B738-FBEE9C7B26DF} - (no file)
O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBit1.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [recinfo561] c:\RecInfo\RecInfo.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Valve\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [ICQ] ~"C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop Inc - C:\Users\user\AppData\Local\CrossLoop\CrossLoopService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca8c8f5c8864d8) (gupdate1ca8c8f5c8864d8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Plánovač automatické aktualizace LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: uvnc_service - UltraVNC - C:\Users\user\AppData\Local\CrossLoop\winvnc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12423 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin0.dll [2010-12-25 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
BitTorrentBar Toolbar - C:\Program Files\BitTorrentBar\tbBit1.dll [2010-12-25 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-23 297648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2011-02-23 843832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo1.dll [2010-12-25 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
{90222687-F593-4738-B738-FBEE9C7B26DF}
{D4027C7F-154A-4066-A1AD-4243D8127440} - aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - BitTorrentBar Toolbar - C:\Program Files\BitTorrentBar\tbBit1.dll [2010-12-25 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin0.dll [2010-12-25 3911776]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo1.dll [2010-12-25 3911776]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-23 297648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-01-18 4349952]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-11-07 159744]
"PowerManager"=C:\Program Files\Power Manager\PM.exe [2007-03-13 29696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-10-25 107112]
"recinfo561"=c:\RecInfo\RecInfo.exe [2007-10-23 2764800]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-10-20 111928]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-09-01 13797992]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Steam"=C:\Program Files\Valve\Steam\steam.exe [2010-11-17 1242448]
"ares"=C:\Program Files\Ares\Ares.exe -h []
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-11-07 328056]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2011-01-13 840000]
"ICQ"=~C:\Program Files\ICQ6.5\ICQ.exe silent []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 months======
2011-03-09 10:01:40 ----D---- C:\Program Files\trend micro
2011-03-09 10:01:39 ----D---- C:\rsit
2011-03-04 10:05:52 ----A---- C:\Windows\system32\shsvcs.dll
2011-03-04 08:17:40 ----A---- C:\Windows\wwp.INI
2011-02-25 00:06:53 ----D---- C:\Windows\system32\WindowsPowerShell
2011-02-25 00:03:58 ----A---- C:\Windows\system32\winrsmgr.dll
2011-02-25 00:03:47 ----A---- C:\Windows\system32\wsmprovhost.exe
2011-02-25 00:03:46 ----A---- C:\Windows\system32\winrshost.exe
2011-02-25 00:03:46 ----A---- C:\Windows\system32\winrs.exe
2011-02-25 00:03:43 ----A---- C:\Windows\system32\wsmplpxy.dll
2011-02-25 00:03:43 ----A---- C:\Windows\system32\winrssrv.dll
2011-02-25 00:03:42 ----A---- C:\Windows\system32\wecapi.dll
2011-02-25 00:03:41 ----A---- C:\Windows\system32\WsmRes.dll
2011-02-25 00:03:41 ----A---- C:\Windows\system32\wevtfwd.dll
2011-02-25 00:03:41 ----A---- C:\Windows\system32\wecutil.exe
2011-02-25 00:03:41 ----A---- C:\Windows\system32\wecsvc.dll
2011-02-25 00:03:41 ----A---- C:\Windows\system32\pwrshplugin.dll
2011-02-25 00:03:35 ----A---- C:\Windows\system32\winrm.vbs
2011-02-25 00:03:34 ----A---- C:\Windows\system32\WsmWmiPl.dll
2011-02-25 00:03:34 ----A---- C:\Windows\system32\WsmAuto.dll
2011-02-25 00:03:34 ----A---- C:\Windows\system32\winrscmd.dll
2011-02-25 00:03:33 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2011-02-25 00:03:30 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2011-02-25 00:03:29 ----A---- C:\Windows\system32\WsmSvc.dll
2011-02-13 19:38:26 ----D---- C:\ProgramData\Hewlett-Packard
======List of files/folders modified in the last 1 months======
2011-03-09 10:02:17 ----D---- C:\Windows\Temp
2011-03-09 10:01:54 ----D---- C:\Windows\Prefetch
2011-03-09 10:01:40 ----D---- C:\Program Files
2011-03-09 09:04:38 ----D---- C:\Windows\system32\catroot
2011-03-09 09:04:34 ----D---- C:\Windows\winsxs
2011-03-09 09:02:39 ----D---- C:\Windows\system32\catroot2
2011-03-09 09:00:44 ----D---- C:\Users\user\AppData\Roaming\uTorrent
2011-03-08 15:39:40 ----SHD---- C:\System Volume Information
2011-03-07 21:57:11 ----D---- C:\Program Files\Mozilla Firefox
2011-03-07 20:53:02 ----D---- C:\Users\user\AppData\Roaming\ICQ
2011-03-06 23:22:09 ----D---- C:\Users\user\AppData\Roaming\vlc
2011-03-05 10:01:18 ----D---- C:\Windows\System32
2011-03-04 18:19:10 ----D---- C:\Windows\inf
2011-03-04 18:19:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-04 14:06:17 ----D---- C:\Program Files\Common Files\Steam
2011-03-04 14:03:56 ----D---- C:\Windows\Minidump
2011-03-04 14:03:00 ----D---- C:\Windows
2011-03-04 08:39:51 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-04 08:39:50 ----SHD---- C:\Windows\Installer
2011-02-26 20:03:12 ----D---- C:\Users\user\AppData\Roaming\Mumble
2011-02-25 14:36:04 ----D---- C:\Windows\Microsoft.NET
2011-02-25 14:33:35 ----D---- C:\Windows\rescache
2011-02-25 14:15:29 ----RSD---- C:\Windows\assembly
2011-02-25 00:07:13 ----D---- C:\Windows\system32\cs-CZ
2011-02-25 00:07:13 ----D---- C:\Windows\PolicyDefinitions
2011-02-13 19:38:26 ----HD---- C:\ProgramData
2011-02-13 14:19:53 ----D---- C:\Users\user\AppData\Roaming\Skype
2011-02-13 11:35:14 ----D---- C:\Users\user\AppData\Roaming\skypePM
2011-02-10 15:00:28 ----D---- C:\Program Files\Windows Mail
2011-02-10 15:00:21 ----D---- C:\Windows\system32\drivers
2011-02-10 00:36:15 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2007-01-27 101160]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-07 691696]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 218688]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R1 WINIO;WINIO; \??\C:\Windows\system32\WinIo.sys [2007-01-04 9336]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-11-16 50704]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-03-15 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-10-30 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 BthAudioHF;BthAudioHF Service; C:\Windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
R3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-27 27488]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 csr_a2dp;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2010-02-05 66952]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-03-26 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-03-26 208384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-18 1729632]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-09-01 9825728]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2006-09-15 11520]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 smscirrx;SMSC CIR Receive; C:\Windows\system32\DRIVERS\smscirrx.sys [2007-02-02 40448]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-03-26 660480]
S1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2006-10-24 185744]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 Cam5603D;Bison WebCam; C:\Windows\System32\Drivers\BisonCam.sys [2007-09-07 783272]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\user\AppData\Local\Temp\UCG68D8.tmp [2010-12-25 25616]
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Garena\safedrv.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2006-10-24 11792]
S3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2006-10-24 144784]
S3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2006-10-24 38928]
S3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2006-10-24 37008]
S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2006-10-24 26384]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iastor.sys [2007-07-12 305176]
S4 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2007-06-13 48256]
S4 nvrd32;NVIDIA nForce RAID Driver; C:\Windows\system32\drivers\nvrd32.sys [2007-07-02 131616]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-11-08 102912]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-25 107624]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-25 107624]
R2 CrossLoopService;CrossLoop Service; C:\Users\user\AppData\Local\CrossLoop\CrossLoopService.exe [2010-03-15 560792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 HFGService;Handsfree Headset Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 IviRegMgr;IviRegMgr; c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-25 107624]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-01 211560]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-02-28 66872]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-20 262247]
R2 SymAppCore;Symantec AppCore Service; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-09-20 46736]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-03-15 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-25 107624]
S2 gupdate1ca8c8f5c8864d8;Služba Google Update (gupdate1ca8c8f5c8864d8); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-03 133104]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-01-24 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-04 407336]
S3 uvnc_service;uvnc_service; C:\Users\user\AppData\Local\CrossLoop\winvnc.exe [2009-12-06 1590216]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.08 2011-03-09 10:02:44
======Uninstall list======
Leawo Video Converter version 3.0.0.1-->"C:\Program Files\Leawo\Video Converter\unins000.exe"
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10m_Plugin.exe -maintain plugin
Adobe Reader 8 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A81200000003}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Age Of Empires 2 & The Conquerors Expansion - Full Game-->C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\uninstall.exe
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
AMX Mod X Installer 1.8.0-->C:\Users\user\Desktop\AMX Mod X\uninst.exe
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
aTube Catcher-->C:\Program Files\DsNET Corp\aTube Catcher 2.0\uninstall.exe
Audacity 1.3.9 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
Bison WebCam-->Rundll32.exe BisonRem.dll,WinMainRmv
BitTorrentBar Toolbar-->C:\PROGRA~1\BITTOR~2\UNWISE.EXE /U C:\PROGRA~1\BITTOR~2\INSTALL.LOG
ccCommon-->MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Centricity DICOM Viewer-->C:\Program Files\Centricity\DICOM Viewer\3.1\EN_US\setupw2k /action=uninstall
Condition Zero Deleted Scenes-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/100
Condition Zero-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/80
Conduit Engine-->C:\Program Files\ConduitEngine\ConduitEngineUninstall.exe
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19
Counter-Strike Steamworks Beta-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/150
Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Counter-Strike-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/10
CrossLoop 2.72-->"C:\Users\user\AppData\Local\CrossLoop\unins000.exe"
DAEMON Tools Pro-->C:\Program Files\DAEMON Tools Pro\uninst.exe
Day of Defeat-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/30
Deathmatch Classic-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/40
Dedicated Server-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/5
DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EA Download Manager UI-->msiexec /qb /x {A59BB15D-51B7-F12B-4548-8C0368243441}
EA Download Manager UI-->MsiExec.exe /I{A59BB15D-51B7-F12B-4548-8C0368243441}
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\EADMUninstall.exe
ffdshow-->"C:\Program Files\ffdshow\uninstall.exe"
FirstSteps Diagnostics-->MsiExec.exe /X{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}
FL Studio 9-->C:\Program Files\Image-Line\FL Studio 9\uninstall.exe
FlatOut2-->"C:\Program Files\FlatOut2\unins000.exe"
FLV Player 1.3.3-->"C:\Program Files\FLVPlayer\uninstall.exe"
FM Screen Capture Codec (Remove Only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\fmcodec.inf
Free CD to MP3 Converter-->C:\PROGRA~1\CDTOMP~1\UNWISE.EXE C:\PROGRA~1\CDTOMP~1\INSTALL.LOG
GamePark-->"C:\Program Files\GamePark\unins000.exe"
GameSpy-->C:\Program Files\GameSpy Arcade\uninstall.exe
Garena 2010-->D:\Garena\uninst.exe
Google Chrome-->"C:\Program Files\Google\Chrome\Application\9.0.597.107\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_4079369A224CB572.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Gothic 3 - Forsaken Gods-->MsiExec.exe /I{41B3E7D3-591B-4627-A86C-4532035C8E2C}
Gothic II-->"D:\Gothic II\Gothic II\unins000.exe"
Gothic-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C16ADB2B-37C8-4AF8-A7D2-3A4B1BEF9662}
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Hardcore-->C:\Program Files\Image-Line\Hardcore\uninstall.exe
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F10001\UIU32m.exe -U -IPDAZLCMzK.inf
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Intel A/V Codecs V2.0-->C:\Windows\IsUninst.exe -fC:\Windows\system32\CDUninst.isu
InterVideo WinDVD 8-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x0405
K-Lite Codec Pack 6.1.0 (Basic)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{1FDA5A37-B22D-43FF-B582-B8964050DC13}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{86A4C6D9-29EE-4719-AFA1-BA3341862B83}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /I{AAF4238F-7C29-451D-9925-C753271A5728}
MobMap 1.30-->"C:\Program Files\MobMapUpdater\unins000.exe"
Mount&Blade-->C:\Program Files\Mount&Blade\uninstall.exe
Mozilla Firefox (3.5.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
Need for Speed Underground 2-->D:\NFS\EAUninstall.exe
Need for Speed™ Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
NFS: Most Wanted CZ-->G:\Hry\EA GAMES 2\Need for Speed Most Wanted\odinstalovat_cz.exe
NHL™ 09-->MsiExec.exe /X{827B97A9-B347-4110-9F89-37AF2B758F94}
Nokia Connectivity Cable Driver-->RUNDLL32.EXE nsesetup.dll,DoNTUninst
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Pixillion Image Converter-->C:\Program Files\NCH Software\Pixillion\uninst.exe
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
Power Manager 2.1.7-->"C:\Program Files\Power Manager\unins000.exe"
PowerDV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Ricochet-->"C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/60
Sakura-->C:\Program Files\Image-Line\Sakura\uninstall.exe
Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe
Scorpions WinCheater-->"C:\Program Files\Scorpions WinCheater\unins000.exe"
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sony Ericsson Themes Creator 3.32-->C:\Program Files\Sony Ericsson\Themes Creator\Uninstall.exe
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SweetIM for Messenger 2.8-->MsiExec.exe /X{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}
SweetIM Toolbar for Internet Explorer 3.6-->MsiExec.exe /X{31CF6C0E-51F0-41D2-B088-A6A143C4303C}
SymNet-->MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
TeamViewer 5-->C:\Program Files\TeamViewer\Version5\uninstall.exe
The KMPlayer (remove only)-->"E:\The KMPlayer\uninstall.exe"
Theme Maker-->C:\Windows\uninst.exe -f"C:\Program Files\Theme Maker\DeIsL1.isu" -c"C:\Program Files\Theme Maker\_ISREG32.DLL"
Theme Manager-->C:\PROGRA~1\Stardock\OBJECT~1\THEMEM~1\thememgr.exe /uninstallwise
Tony Hawk's Pro Skater 3®-->D:\ths3\UNINST~1\UNWISE.EXE D:\ths3\UNINST~1\INSTALL.LOG
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
uTorrentBar Toolbar-->C:\PROGRA~1\UTORRE~1\UNWISE.EXE /U C:\PROGRA~1\UTORRE~1\INSTALL.LOG
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Ventrilo-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Video Download Capture V2.3.2-->"C:\Program Files\Apowersoft\Video Download Capture\unins000.exe"
VLC media player 1.1.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinPcap 4.1.1-->"C:\Program Files\WinPcap\uninstall.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
======Security center information======
AV: ESET NOD32 Antivirus 4.0
AS: ESET NOD32 Antivirus 4.0
AS: Windows Defender
======System event log======
Computer Name: user1-PC
Event Code: 51
Message: Na zařízení \Device\Harddisk2\DR2 byla při operaci stránkování rozpoznána chyba.
Record Number: 142997
Source Name: disk
Time Written: 20100807075625.187000-000
Event Type: Upozornění
User:
Computer Name: user1-PC
Event Code: 51
Message: Na zařízení \Device\Harddisk2\DR2 byla při operaci stránkování rozpoznána chyba.
Record Number: 142996
Source Name: disk
Time Written: 20100807075625.187000-000
Event Type: Upozornění
User:
Computer Name: user1-PC
Event Code: 51
Message: Na zařízení \Device\Harddisk2\DR2 byla při operaci stránkování rozpoznána chyba.
Record Number: 142995
Source Name: disk
Time Written: 20100807075625.187000-000
Event Type: Upozornění
User:
Computer Name: user1-PC
Event Code: 51
Message: Na zařízení \Device\Harddisk2\DR2 byla při operaci stránkování rozpoznána chyba.
Record Number: 142994
Source Name: disk
Time Written: 20100807075625.187000-000
Event Type: Upozornění
User:
Computer Name: user1-PC
Event Code: 51
Message: Na zařízení \Device\Harddisk2\DR2 byla při operaci stránkování rozpoznána chyba.
Record Number: 142993
Source Name: disk
Time Written: 20100807075625.187000-000
Event Type: Upozornění
User:
=====Application event log=====
Computer Name: LH-JUSLF18QV0GL
Event Code: 36
Message: Probíhá zastavení služby 'CLTNetCnService'.
Record Number: 441
Source Name: ccSvcHst
Time Written: 20080602114615.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: LH-JUSLF18QV0GL
Event Code: 36
Message: Probíhá zastavení služby 'ccSetMgr'.
Record Number: 440
Source Name: ccSvcHst
Time Written: 20080602114615.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: LH-JUSLF18QV0GL
Event Code: 1003
Message: Služba Licencování softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
{1,[9e042223-03bf-49ae-808f-ff37f128d40d, 8, 0xC004F014,0x0]}
{1,[a4eec485-e375-48b4-8f51-80d13a4086b6, 8, 0xC004F014,0x0]}
{1,[b6795467-dc45-4acf-af87-e948ee3f15f4, 8, 0xC004F014,0x0]}
{1,[bffdc375-bbd5-499d-8ef1-4f37b61c895f, 0, 0x0,0x0],[0x0,0x0,0x0,0,0,0x0],[0x0,0xFFFFFFFF,0x0,0,0,0x0],[0x0,0xFFFFFFFF,0x0,0,0,0x0],[0,0,0x0]}
{1,[f3acdd3c-119a-4932-a3d7-0b6f33a1dca9, 8, 0xC004F014,0x0]}
{1,[afd5f68f-b70f-4000-a21d-28dbc8be8b07, 8, 0xC004F014,0x0]}
Record Number: 439
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20080602114606.000000-000
Event Type: Informace
User:
Computer Name: LH-JUSLF18QV0GL
Event Code: 1033
Message: Zásady budou vyloučeny, protože jsou definovány jen s atributem Pouze přepsat.
Názvy zásad=(IIS-W3SVC-MaxConcurrentRequests) (Telnet-Client-EnableTelnetClient) (Telnet-Client-EnableTelnetClient_w) (Telnet-Server-EnableTelnetServer) (Telnet-Server-EnableTelnetServer_w)
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
ID SKU=bffdc375-bbd5-499d-8ef1-4f37b61c895f
Record Number: 438
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20080602114606.000000-000
Event Type: Informace
User:
Computer Name: LH-JUSLF18QV0GL
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.
Record Number: 437
Source Name: Microsoft-Windows-Search
Time Written: 20080602114345.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: user1-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: USER1-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x29c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 30880
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100502093001.160088-000
Event Type: Úspěch auditu
User:
Computer Name: user1-PC
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: USER1-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Cílový server:
Název cílového serveru: localhost
Další informace: localhost
Informace o procesu:
ID procesu: 0x29c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Síťová adresa: -
Port: -
Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 30879
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100502093001.160088-000
Event Type: Úspěch auditu
User:
Computer Name: user1-PC
Event Code: 5032
Message: Bráně Windows Firewall se nepodařilo oznámit uživateli, že zabránila aplikaci přijímat příchozí připojení v síti.
Kód chyby: 2
Record Number: 30878
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100502093000.536088-000
Event Type: Selhání auditu
User:
Computer Name: user1-PC
Event Code: 5032
Message: Bráně Windows Firewall se nepodařilo oznámit uživateli, že zabránila aplikaci přijímat příchozí připojení v síti.
Kód chyby: 2
Record Number: 30877
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100502092956.894088-000
Event Type: Selhání auditu
User:
Computer Name: user1-PC
Event Code: 5032
Message: Bráně Windows Firewall se nepodařilo oznámit uživateli, že zabránila aplikaci přijímat příchozí připojení v síti.
Kód chyby: 2
Record Number: 30876
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100502092956.175488-000
Event Type: Selhání auditu
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6802
"NUMBER_OF_PROCESSORS"=2
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zhoršený výkon Laptopu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Zhoršený výkon Laptopu
Zdravim a pekny den preji 
Stahnete na plochu CKScanner
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Stahnete na plochu CKScanner
- Spustte a kliknete na Search for files
- Po dokonceni skenu kliknete na Save List to File a nasledne OK
- Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Zhoršený výkon Laptopu
Tak scaner mi vyhodil nasledujici :
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\age of empires 2 & the conquerors expansion - full game\crack.zip
c:\program files\image-line\hardcore\presets\i cracked my tube!.hdprg
c:\program files\mount&blade\modules\blood\textures\crackers.dds
c:\program files\mount&blade\sounds\fire_small_crackle_slick_op.ogg
c:\users\user\documents\downloads\cod4_crack.rar
scanner sequence 3.BC.11
----- EOF -----
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\age of empires 2 & the conquerors expansion - full game\crack.zip
c:\program files\image-line\hardcore\presets\i cracked my tube!.hdprg
c:\program files\mount&blade\modules\blood\textures\crackers.dds
c:\program files\mount&blade\sounds\fire_small_crackle_slick_op.ogg
c:\users\user\documents\downloads\cod4_crack.rar
scanner sequence 3.BC.11
----- EOF -----
Re: Zhoršený výkon Laptopu
Co na cracky a keygeny rici ze 
Pokracujte ComboFixem...
Pokracujte ComboFixem...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Zhoršený výkon Laptopu
ComboFix 11-03-08.06 - user 09.03.2011 15:43:00.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1199 [GMT 1:00]
Spuštěný z: c:\users\user\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\driver\TOUCHPAD\ALPS\_desktop.ini
c:\driver\TOUCHPAD\ALPS\Eula\_desktop.ini
c:\firststeps\FirstSteps.exe
c:\users\user\AppData\Roaming\Desktopicon
c:\windows\system\BisonCam.dll
c:\windows\ZIPDLL.DLL
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-09 do 2011-03-09 )))))))))))))))))))))))))))))))
.
.
2011-03-09 14:55 . 2011-03-09 14:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-09 14:55 . 2011-03-09 14:55 -------- d-----w- c:\users\Denis\AppData\Local\temp
2011-03-09 11:44 . 2011-03-09 11:44 -------- d-----w- c:\programdata\Codemasters
2011-03-09 11:16 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-03-09 11:16 . 2008-07-31 09:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-03-09 11:16 . 2008-07-31 09:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2011-03-09 11:16 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-03-09 10:47 . 2011-03-09 10:47 -------- d-----w- c:\users\user\AppData\Roaming\InstallShield
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- c:\program files\trend micro
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- C:\rsit
2011-03-08 14:02 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FBFFE38F-77EB-4864-B85E-D8D127DCF351}\mpengine.dll
2011-02-13 18:38 . 2011-02-13 18:38 -------- d-----w- c:\programdata\Hewlett-Packard
2011-02-09 13:35 . 2010-12-31 13:57 2039808 ----a-w- c:\windows\system32\win32k.sys
2011-02-09 13:35 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-02-09 13:35 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 13:35 . 2010-10-15 14:08 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 13:35 . 2011-01-06 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-02-09 13:33 . 2011-01-20 16:08 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-02-08 22:18 . 2011-02-08 22:18 -------- d-----w- c:\users\user\AppData\Local\PokerStars.NET
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-04 09:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-22 15:03 . 2011-01-22 15:03 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2010-12-28 15:55 . 2011-01-13 13:27 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 14:49 . 2011-01-13 13:27 1169408 ----a-w- c:\windows\system32\sdclt.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\tbBit1.dll" [2010-12-25 3911776]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTo1.dll" [2010-12-25 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-25 17:01 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngin0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-12-25 17:01 3911776 ----a-w- c:\program files\BitTorrentBar\tbBit1.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-25 17:01 3911776 ----a-w- c:\program files\uTorrentBar\tbuTo1.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 20:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\tbBit1.dll" [2010-12-25 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngin0.dll" [2010-12-25 3911776]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTo1.dll" [2010-12-25 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{88C7F2AA-F93F-432C-8F0E-B7D85967A527}"= "c:\program files\BitTorrentBar\tbBit1.dll" [2010-12-25 3911776]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTo1.dll" [2010-12-25 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Steam"="c:\program files\Valve\Steam\steam.exe" [2010-11-17 1242448]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-11-07 328056]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2011-01-13 840000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 4349952]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]
"PowerManager"="c:\program files\Power Manager\PM.exe" [2007-03-13 29696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-24 107112]
"recinfo561"="c:\recinfo\RecInfo.exe" [2007-10-23 2764800]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-01 13797992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca8c8f5c8864d8;Služba Google Update (gupdate1ca8c8f5c8864d8);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 133104]
R3 GarenaPEngine;GarenaPEngine;c:\users\user\AppData\Local\Temp\UCG68D8.tmp [x]
R3 GGSAFERDriver;GGSAFER Driver;d:\garena\safedrv.sys [x]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-10-24 37008]
R3 uvnc_service;uvnc_service;c:\users\user\AppData\Local\CrossLoop\winvnc.exe [2009-12-06 1590216]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-07 691696]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 218688]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
S2 CrossLoopService;CrossLoop Service;c:\users\user\AppData\Local\CrossLoop\CrossLoopService.exe [2010-03-15 560792]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2008-01-19 21504]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
S3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-27 27488]
S3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2010-02-05 66952]
S3 smscirrx;SMSC CIR Receive;c:\windows\system32\DRIVERS\smscirrx.sys [2007-02-02 40448]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthaudiosvc REG_MULTI_SZ HFGService
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://home.sweetim.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=en_EU&apn_uid=566BB0A5-F40A-4B7D-84E2-D508CF4FF7B5&apn_ptnrs=UJ&apn_sauid=E79AAAF9-5E4C-44D7-8628-2E895118FF46&apn_dtid=YYYYYYYYCZ&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF - Ext: aTube Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
FF - Ext: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-ares - c:\program files\Ares\Ares.exe
HKCU-Run-ICQ - ~c:\program files\ICQ6.5\ICQ.exe
AddRemove-AMX Mod X Installer - c:\users\user\Desktop\AMX Mod X\uninst.exe
AddRemove-Audacity 1.3 Beta (Unicode)_is1 - c:\program files\Audacity 1.3 Beta (Unicode)\unins000.exe
AddRemove-Centricity DICOM Viewer - c:\program files\Centricity\DICOM Viewer\3.1\EN_US\setupw2k
AddRemove-NFS: Most Wanted - g:\hry\EA GAMES 2\Need for Speed Most Wanted\odinstalovat_cz.exe
AddRemove-Theme Maker - c:\program files\Theme Maker\DeIsL1.isu
AddRemove-{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1 - c:\program files\FlatOut2\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-09 15:56
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\user\AppData\Local\Temp\UCG68D8.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3606463345-4270932653-1878259332-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,13,bd,6c,db,03,87,e9,5a,66,52,30,84,ab,1d,0e,7a,af,2a,e5,07,
d5,ba,19,0c,0f,5e,73,67,9a,f7,79,03,4a,a0,d4,53,d5,49,80,c3,e9,79,62,b7,61,\
"rkeysecu"=hex:d1,2d,7f,0a,d5,5e,72,da,a6,66,2c,7d,92,6b,05,74
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-03-09 16:00:04
ComboFix-quarantined-files.txt 2011-03-09 15:00
.
Před spuštěním: Volných bajtů: 11 214 999 552
Po spuštění: Volných bajtů: 12 698 275 840
.
- - End Of File - - 0E8FA1E5225DDA9650ADB8BC4A1F240C
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1199 [GMT 1:00]
Spuštěný z: c:\users\user\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\driver\TOUCHPAD\ALPS\_desktop.ini
c:\driver\TOUCHPAD\ALPS\Eula\_desktop.ini
c:\firststeps\FirstSteps.exe
c:\users\user\AppData\Roaming\Desktopicon
c:\windows\system\BisonCam.dll
c:\windows\ZIPDLL.DLL
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-09 do 2011-03-09 )))))))))))))))))))))))))))))))
.
.
2011-03-09 14:55 . 2011-03-09 14:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-09 14:55 . 2011-03-09 14:55 -------- d-----w- c:\users\Denis\AppData\Local\temp
2011-03-09 11:44 . 2011-03-09 11:44 -------- d-----w- c:\programdata\Codemasters
2011-03-09 11:16 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-03-09 11:16 . 2008-07-31 09:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-03-09 11:16 . 2008-07-31 09:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2011-03-09 11:16 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-03-09 10:47 . 2011-03-09 10:47 -------- d-----w- c:\users\user\AppData\Roaming\InstallShield
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- c:\program files\trend micro
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- C:\rsit
2011-03-08 14:02 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FBFFE38F-77EB-4864-B85E-D8D127DCF351}\mpengine.dll
2011-02-13 18:38 . 2011-02-13 18:38 -------- d-----w- c:\programdata\Hewlett-Packard
2011-02-09 13:35 . 2010-12-31 13:57 2039808 ----a-w- c:\windows\system32\win32k.sys
2011-02-09 13:35 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-02-09 13:35 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 13:35 . 2010-10-15 14:08 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 13:35 . 2011-01-06 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-02-09 13:33 . 2011-01-20 16:08 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-02-08 22:18 . 2011-02-08 22:18 -------- d-----w- c:\users\user\AppData\Local\PokerStars.NET
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-04 09:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-22 15:03 . 2011-01-22 15:03 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2010-12-28 15:55 . 2011-01-13 13:27 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 14:49 . 2011-01-13 13:27 1169408 ----a-w- c:\windows\system32\sdclt.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\tbBit1.dll" [2010-12-25 3911776]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTo1.dll" [2010-12-25 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-25 17:01 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngin0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-12-25 17:01 3911776 ----a-w- c:\program files\BitTorrentBar\tbBit1.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-25 17:01 3911776 ----a-w- c:\program files\uTorrentBar\tbuTo1.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 20:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\tbBit1.dll" [2010-12-25 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngin0.dll" [2010-12-25 3911776]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTo1.dll" [2010-12-25 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{88C7F2AA-F93F-432C-8F0E-B7D85967A527}"= "c:\program files\BitTorrentBar\tbBit1.dll" [2010-12-25 3911776]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTo1.dll" [2010-12-25 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Steam"="c:\program files\Valve\Steam\steam.exe" [2010-11-17 1242448]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-11-07 328056]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2011-01-13 840000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 4349952]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]
"PowerManager"="c:\program files\Power Manager\PM.exe" [2007-03-13 29696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-24 107112]
"recinfo561"="c:\recinfo\RecInfo.exe" [2007-10-23 2764800]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-01 13797992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca8c8f5c8864d8;Služba Google Update (gupdate1ca8c8f5c8864d8);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 133104]
R3 GarenaPEngine;GarenaPEngine;c:\users\user\AppData\Local\Temp\UCG68D8.tmp [x]
R3 GGSAFERDriver;GGSAFER Driver;d:\garena\safedrv.sys [x]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-10-24 37008]
R3 uvnc_service;uvnc_service;c:\users\user\AppData\Local\CrossLoop\winvnc.exe [2009-12-06 1590216]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-07 691696]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 218688]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
S2 CrossLoopService;CrossLoop Service;c:\users\user\AppData\Local\CrossLoop\CrossLoopService.exe [2010-03-15 560792]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2008-01-19 21504]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
S3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-27 27488]
S3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2010-02-05 66952]
S3 smscirrx;SMSC CIR Receive;c:\windows\system32\DRIVERS\smscirrx.sys [2007-02-02 40448]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthaudiosvc REG_MULTI_SZ HFGService
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://home.sweetim.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=en_EU&apn_uid=566BB0A5-F40A-4B7D-84E2-D508CF4FF7B5&apn_ptnrs=UJ&apn_sauid=E79AAAF9-5E4C-44D7-8628-2E895118FF46&apn_dtid=YYYYYYYYCZ&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF - Ext: aTube Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
FF - Ext: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-ares - c:\program files\Ares\Ares.exe
HKCU-Run-ICQ - ~c:\program files\ICQ6.5\ICQ.exe
AddRemove-AMX Mod X Installer - c:\users\user\Desktop\AMX Mod X\uninst.exe
AddRemove-Audacity 1.3 Beta (Unicode)_is1 - c:\program files\Audacity 1.3 Beta (Unicode)\unins000.exe
AddRemove-Centricity DICOM Viewer - c:\program files\Centricity\DICOM Viewer\3.1\EN_US\setupw2k
AddRemove-NFS: Most Wanted - g:\hry\EA GAMES 2\Need for Speed Most Wanted\odinstalovat_cz.exe
AddRemove-Theme Maker - c:\program files\Theme Maker\DeIsL1.isu
AddRemove-{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1 - c:\program files\FlatOut2\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-09 15:56
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\user\AppData\Local\Temp\UCG68D8.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3606463345-4270932653-1878259332-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,13,bd,6c,db,03,87,e9,5a,66,52,30,84,ab,1d,0e,7a,af,2a,e5,07,
d5,ba,19,0c,0f,5e,73,67,9a,f7,79,03,4a,a0,d4,53,d5,49,80,c3,e9,79,62,b7,61,\
"rkeysecu"=hex:d1,2d,7f,0a,d5,5e,72,da,a6,66,2c,7d,92,6b,05,74
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-03-09 16:00:04
ComboFix-quarantined-files.txt 2011-03-09 15:00
.
Před spuštěním: Volných bajtů: 11 214 999 552
Po spuštění: Volných bajtů: 12 698 275 840
.
- - End Of File - - 0E8FA1E5225DDA9650ADB8BC4A1F240C
Re: Zhoršený výkon Laptopu
Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
KillAll:: Folder:: c:\program files\Ask.com c:\program files\SweetIM\Toolbars c:\program files\BitTorrentBar c:\program files\uTorrentBar c:\recinfo Registry:: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"=- "{EEE6C35D-6118-11DC-9C72-001320C79847}"=- "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"=- "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=- [-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] [-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}] [-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] [-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}] [-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook] [-HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}] [-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"=- "{D4027C7F-154A-4066-A1AD-4243D8127440}"=- "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"=- "{30F9B915-B755-4826-820B-08FBA6BD249D}"=- "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=- [-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1] [-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar] [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [-HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}] [-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] [-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [HKEY_CURENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{EEE6C35B-6118-11DC-9C72-001320C79847}"=- "{D4027C7F-154A-4066-A1AD-4243D8127440}"=- "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"=- "{30F9B915-B755-4826-820B-08FBA6BD249D}"=- "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=- "SweetIM"=- "recinfo561"=- [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000000 [-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] [-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] Driver:: gupdate1ca8c8f5c8864d8 DDs:: uStart Page = hxxp://start.icq.com/ mStart Page = hxxp://home.sweetim.com Firefox:: FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q= FF - prefs.js: browser.search.selectedEngine - ICQ Search FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?clien ... YYYYYCZ&q= FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF - Ext: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} FF - Ext: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} RegLock:: [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] Reboot::- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Zhoršený výkon Laptopu
ComboFix 11-03-08.06 - user 09.03.2011 16:23:35.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1123 [GMT 1:00]
Spuštěný z: c:\users\user\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\user\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_c764.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\BitTorrentBar
c:\program files\BitTorrentBar\BitTorrentBarToolbarHelper.exe
c:\program files\BitTorrentBar\GottenAppsContextMenu.xml
c:\program files\BitTorrentBar\INSTALL.LOG
c:\program files\BitTorrentBar\OtherAppsContextMenu.xml
c:\program files\BitTorrentBar\SharedAppsContextMenu.xml
c:\program files\BitTorrentBar\tbBit1.dll
c:\program files\BitTorrentBar\tbBitT.dll
c:\program files\BitTorrentBar\toolbar.cfg
c:\program files\BitTorrentBar\ToolbarContextMenu.xml
c:\program files\BitTorrentBar\UNWISE.EXE
c:\program files\SweetIM\Toolbars
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\program files\uTorrentBar
c:\program files\uTorrentBar\GottenAppsContextMenu.xml
c:\program files\uTorrentBar\INSTALL.LOG
c:\program files\uTorrentBar\OtherAppsContextMenu.xml
c:\program files\uTorrentBar\SharedAppsContextMenu.xml
c:\program files\uTorrentBar\tbuTo1.dll
c:\program files\uTorrentBar\tbuTor.dll
c:\program files\uTorrentBar\toolbar.cfg
c:\program files\uTorrentBar\ToolbarContextMenu.xml
c:\program files\uTorrentBar\UNWISE.EXE
c:\program files\uTorrentBar\uTorrentBarToolbarHelper.exe
c:\recinfo
c:\recinfo\RecInfo.application
c:\recinfo\RecInfo.exe
c:\recinfo\RecInfo.exe.manifest
c:\recinfo\RecInfo.pdb
c:\recinfo\RecInfo.vshost.application
c:\recinfo\RecInfo.vshost.exe
c:\recinfo\RecInfo.vshost.exe.manifest
c:\recinfo\RecInfo.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitAutoCompleteSearch.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitAutoCompleteSearch.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitToolbar.idl
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitToolbar.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitToolbar.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\FFExternalAlert.dll
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\FFExternalAlert.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCore.dll
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCore.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\default_radio_skin.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\fbAlert.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome.manifest
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\bittorrentbar.jar
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\install.rdf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\lib\xpcom.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF\manifest.mf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF\zigbert.rsa
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF\zigbert.sf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.ico
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.PNG
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.src
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\setup.ini
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\version.txt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.idl
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\FFExternalAlert.dll
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\FFExternalAlert.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dll
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\default_radio_skin.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\fbAlert.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome.manifest
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome\utorrentbar.jar
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\install.rdf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\lib\xpcom.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\manifest.mf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\zigbert.rsa
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\zigbert.sf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.ico
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.PNG
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.src
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\setup.ini
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\version.txt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components\SIMAutoCompleteSearch.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome.manifest
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar.jar
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\install.rdf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\manifest.mf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.rsa
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.sf
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate1ca8c8f5c8864d8
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-09 do 2011-03-09 )))))))))))))))))))))))))))))))
.
.
2011-03-09 15:32 . 2011-03-09 15:36 -------- d-----w- c:\users\user\AppData\Local\temp
2011-03-09 15:32 . 2011-03-09 15:32 -------- d-----w- c:\users\Denis\AppData\Local\temp
2011-03-09 11:44 . 2011-03-09 11:44 -------- d-----w- c:\programdata\Codemasters
2011-03-09 11:16 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-03-09 11:16 . 2008-07-31 09:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-03-09 11:16 . 2008-07-31 09:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2011-03-09 11:16 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-03-09 10:47 . 2011-03-09 10:47 -------- d-----w- c:\users\user\AppData\Roaming\InstallShield
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- c:\program files\trend micro
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- C:\rsit
2011-03-08 14:02 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FBFFE38F-77EB-4864-B85E-D8D127DCF351}\mpengine.dll
2011-02-13 18:38 . 2011-02-13 18:38 -------- d-----w- c:\programdata\Hewlett-Packard
2011-02-09 13:35 . 2010-12-31 13:57 2039808 ----a-w- c:\windows\system32\win32k.sys
2011-02-09 13:35 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-02-09 13:35 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 13:35 . 2010-10-15 14:08 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 13:35 . 2011-01-06 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-02-09 13:33 . 2011-01-20 16:08 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-02-08 22:18 . 2011-02-08 22:18 -------- d-----w- c:\users\user\AppData\Local\PokerStars.NET
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-04 09:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-22 15:03 . 2011-01-22 15:03 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2010-12-28 15:55 . 2011-01-13 13:27 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 14:49 . 2011-01-13 13:27 1169408 ----a-w- c:\windows\system32\sdclt.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Steam"="c:\program files\Valve\Steam\steam.exe" [2010-11-17 1242448]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-11-07 328056]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2011-01-13 840000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 4349952]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]
"PowerManager"="c:\program files\Power Manager\PM.exe" [2007-03-13 29696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-24 107112]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-01 13797992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GarenaPEngine;GarenaPEngine;c:\users\user\AppData\Local\Temp\UCG68D8.tmp [x]
R3 GGSAFERDriver;GGSAFER Driver;d:\garena\safedrv.sys [x]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-10-24 37008]
R3 uvnc_service;uvnc_service;c:\users\user\AppData\Local\CrossLoop\winvnc.exe [2009-12-06 1590216]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-07 691696]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 218688]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
S2 CrossLoopService;CrossLoop Service;c:\users\user\AppData\Local\CrossLoop\CrossLoopService.exe [2010-03-15 560792]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2008-01-19 21504]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
S3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-27 27488]
S3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2010-02-05 66952]
S3 smscirrx;SMSC CIR Receive;c:\windows\system32\DRIVERS\smscirrx.sys [2007-02-02 40448]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthaudiosvc REG_MULTI_SZ HFGService
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: aTube Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKLM-Run-recinfo561 - c:\recinfo\RecInfo.exe
AddRemove-BitTorrentBar Toolbar - c:\progra~1\BITTOR~2\UNWISE.EXE
AddRemove-uTorrentBar Toolbar - c:\progra~1\UTORRE~1\UNWISE.EXE
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\user\AppData\Local\Temp\UCG68D8.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3606463345-4270932653-1878259332-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,13,bd,6c,db,03,87,e9,5a,66,52,30,84,ab,1d,0e,7a,af,2a,e5,07,
d5,ba,19,0c,0f,5e,73,67,9a,f7,79,03,4a,a0,d4,53,d5,49,80,c3,e9,79,62,b7,61,\
"rkeysecu"=hex:d1,2d,7f,0a,d5,5e,72,da,a6,66,2c,7d,92,6b,05,74
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5632)
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Common Files\Steam\SteamService.exe
.
**************************************************************************
.
Celkový čas: 2011-03-09 16:41:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-09 15:41
ComboFix2.txt 2011-03-09 15:00
.
Před spuštěním: Volných bajtů: 12 673 413 120
Po spuštění: Volných bajtů: 12 304 678 912
.
- - End Of File - - A47B20BD9D3B2DF9F10E652A62DC64A9
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1123 [GMT 1:00]
Spuštěný z: c:\users\user\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\user\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_c764.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\BitTorrentBar
c:\program files\BitTorrentBar\BitTorrentBarToolbarHelper.exe
c:\program files\BitTorrentBar\GottenAppsContextMenu.xml
c:\program files\BitTorrentBar\INSTALL.LOG
c:\program files\BitTorrentBar\OtherAppsContextMenu.xml
c:\program files\BitTorrentBar\SharedAppsContextMenu.xml
c:\program files\BitTorrentBar\tbBit1.dll
c:\program files\BitTorrentBar\tbBitT.dll
c:\program files\BitTorrentBar\toolbar.cfg
c:\program files\BitTorrentBar\ToolbarContextMenu.xml
c:\program files\BitTorrentBar\UNWISE.EXE
c:\program files\SweetIM\Toolbars
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\program files\uTorrentBar
c:\program files\uTorrentBar\GottenAppsContextMenu.xml
c:\program files\uTorrentBar\INSTALL.LOG
c:\program files\uTorrentBar\OtherAppsContextMenu.xml
c:\program files\uTorrentBar\SharedAppsContextMenu.xml
c:\program files\uTorrentBar\tbuTo1.dll
c:\program files\uTorrentBar\tbuTor.dll
c:\program files\uTorrentBar\toolbar.cfg
c:\program files\uTorrentBar\ToolbarContextMenu.xml
c:\program files\uTorrentBar\UNWISE.EXE
c:\program files\uTorrentBar\uTorrentBarToolbarHelper.exe
c:\recinfo
c:\recinfo\RecInfo.application
c:\recinfo\RecInfo.exe
c:\recinfo\RecInfo.exe.manifest
c:\recinfo\RecInfo.pdb
c:\recinfo\RecInfo.vshost.application
c:\recinfo\RecInfo.vshost.exe
c:\recinfo\RecInfo.vshost.exe.manifest
c:\recinfo\RecInfo.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitAutoCompleteSearch.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitAutoCompleteSearch.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitToolbar.idl
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitToolbar.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitToolbar.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\FFExternalAlert.dll
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\FFExternalAlert.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCore.dll
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCore.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\default_radio_skin.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\fbAlert.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome.manifest
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\bittorrentbar.jar
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\install.rdf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\lib\xpcom.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF\manifest.mf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF\zigbert.rsa
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF\zigbert.sf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.ico
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.PNG
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.src
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\setup.ini
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\version.txt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.idl
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\FFExternalAlert.dll
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\FFExternalAlert.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dll
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.xpt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\default_radio_skin.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\fbAlert.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome.manifest
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome\utorrentbar.jar
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\install.rdf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\lib\xpcom.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\manifest.mf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\zigbert.rsa
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\zigbert.sf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.gif
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.ico
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.PNG
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.src
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.xml
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\setup.ini
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\version.txt
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components\SIMAutoCompleteSearch.js
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome.manifest
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar.jar
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\install.rdf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\manifest.mf
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.rsa
c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.sf
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate1ca8c8f5c8864d8
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-09 do 2011-03-09 )))))))))))))))))))))))))))))))
.
.
2011-03-09 15:32 . 2011-03-09 15:36 -------- d-----w- c:\users\user\AppData\Local\temp
2011-03-09 15:32 . 2011-03-09 15:32 -------- d-----w- c:\users\Denis\AppData\Local\temp
2011-03-09 11:44 . 2011-03-09 11:44 -------- d-----w- c:\programdata\Codemasters
2011-03-09 11:16 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-03-09 11:16 . 2008-07-31 09:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-03-09 11:16 . 2008-07-31 09:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2011-03-09 11:16 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-03-09 10:47 . 2011-03-09 10:47 -------- d-----w- c:\users\user\AppData\Roaming\InstallShield
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- c:\program files\trend micro
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- C:\rsit
2011-03-08 14:02 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FBFFE38F-77EB-4864-B85E-D8D127DCF351}\mpengine.dll
2011-02-13 18:38 . 2011-02-13 18:38 -------- d-----w- c:\programdata\Hewlett-Packard
2011-02-09 13:35 . 2010-12-31 13:57 2039808 ----a-w- c:\windows\system32\win32k.sys
2011-02-09 13:35 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-02-09 13:35 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 13:35 . 2010-10-15 14:08 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 13:35 . 2011-01-06 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-02-09 13:33 . 2011-01-20 16:08 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-02-08 22:18 . 2011-02-08 22:18 -------- d-----w- c:\users\user\AppData\Local\PokerStars.NET
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-04 09:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-22 15:03 . 2011-01-22 15:03 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2010-12-28 15:55 . 2011-01-13 13:27 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 14:49 . 2011-01-13 13:27 1169408 ----a-w- c:\windows\system32\sdclt.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Steam"="c:\program files\Valve\Steam\steam.exe" [2010-11-17 1242448]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-11-07 328056]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2011-01-13 840000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 4349952]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]
"PowerManager"="c:\program files\Power Manager\PM.exe" [2007-03-13 29696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-24 107112]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-01 13797992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GarenaPEngine;GarenaPEngine;c:\users\user\AppData\Local\Temp\UCG68D8.tmp [x]
R3 GGSAFERDriver;GGSAFER Driver;d:\garena\safedrv.sys [x]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-10-24 37008]
R3 uvnc_service;uvnc_service;c:\users\user\AppData\Local\CrossLoop\winvnc.exe [2009-12-06 1590216]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-07 691696]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 218688]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
S2 CrossLoopService;CrossLoop Service;c:\users\user\AppData\Local\CrossLoop\CrossLoopService.exe [2010-03-15 560792]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2008-01-19 21504]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
S3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-27 27488]
S3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2010-02-05 66952]
S3 smscirrx;SMSC CIR Receive;c:\windows\system32\DRIVERS\smscirrx.sys [2007-02-02 40448]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthaudiosvc REG_MULTI_SZ HFGService
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: aTube Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKLM-Run-recinfo561 - c:\recinfo\RecInfo.exe
AddRemove-BitTorrentBar Toolbar - c:\progra~1\BITTOR~2\UNWISE.EXE
AddRemove-uTorrentBar Toolbar - c:\progra~1\UTORRE~1\UNWISE.EXE
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\user\AppData\Local\Temp\UCG68D8.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3606463345-4270932653-1878259332-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,13,bd,6c,db,03,87,e9,5a,66,52,30,84,ab,1d,0e,7a,af,2a,e5,07,
d5,ba,19,0c,0f,5e,73,67,9a,f7,79,03,4a,a0,d4,53,d5,49,80,c3,e9,79,62,b7,61,\
"rkeysecu"=hex:d1,2d,7f,0a,d5,5e,72,da,a6,66,2c,7d,92,6b,05,74
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5632)
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Common Files\Steam\SteamService.exe
.
**************************************************************************
.
Celkový čas: 2011-03-09 16:41:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-09 15:41
ComboFix2.txt 2011-03-09 15:00
.
Před spuštěním: Volných bajtů: 12 673 413 120
Po spuštění: Volných bajtů: 12 304 678 912
.
- - End Of File - - A47B20BD9D3B2DF9F10E652A62DC64A9
Re: Zhoršený výkon Laptopu
Jeste jeden skript pro ComboFix - postup je stejny
Kód: Vybrat vše
Folder::
c:\program files\ICQ6Toolbar
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"SweetIM"=-
Driver::
ICQ Service
Reboot::"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Zhoršený výkon Laptopu
ComboFix 11-03-08.06 - user 11.03.2011 11:03:54.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1429 [GMT 1:00]
Spuštěný z: c:\users\user\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\user\Desktop\CFScript.txt.txt
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ICQ Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-11 do 2011-03-11 )))))))))))))))))))))))))))))))
.
.
2011-03-11 10:19 . 2011-03-11 10:42 -------- d-----w- c:\users\user\AppData\Local\temp
2011-03-11 10:19 . 2011-03-11 10:19 -------- d-----w- c:\users\Denis\AppData\Local\temp
2011-03-11 10:19 . 2011-03-11 10:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-11 07:23 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{583753CE-20A0-4E99-914F-8931B884C7F5}\mpengine.dll
2011-03-09 11:44 . 2011-03-09 11:44 -------- d-----w- c:\programdata\Codemasters
2011-03-09 11:16 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-03-09 11:16 . 2008-07-31 09:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-03-09 11:16 . 2008-07-31 09:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2011-03-09 11:16 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-03-09 10:47 . 2011-03-09 10:47 -------- d-----w- c:\users\user\AppData\Roaming\InstallShield
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- c:\program files\trend micro
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- C:\rsit
2011-03-09 08:04 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 08:04 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 08:04 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 08:04 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 08:04 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 08:04 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-02-13 18:38 . 2011-02-13 18:38 -------- d-----w- c:\programdata\Hewlett-Packard
2011-02-09 13:35 . 2010-12-31 13:57 2039808 ----a-w- c:\windows\system32\win32k.sys
2011-02-09 13:35 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-02-09 13:35 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 13:35 . 2010-10-15 14:08 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 13:35 . 2011-01-06 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-02-09 13:33 . 2011-01-20 16:08 478720 ----a-w- c:\windows\system32\dxgi.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-04 09:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-22 15:03 . 2011-01-22 15:03 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2010-12-28 15:55 . 2011-01-13 13:27 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 14:49 . 2011-01-13 13:27 1169408 ----a-w- c:\windows\system32\sdclt.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Steam"="c:\program files\Valve\Steam\steam.exe" [2010-11-17 1242448]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-11-07 328056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 4349952]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]
"PowerManager"="c:\program files\Power Manager\PM.exe" [2007-03-13 29696]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-24 107112]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-01 13797992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GarenaPEngine;GarenaPEngine;c:\users\user\AppData\Local\Temp\UCG68D8.tmp [x]
R3 GGSAFERDriver;GGSAFER Driver;d:\garena\safedrv.sys [x]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-10-24 37008]
R3 uvnc_service;uvnc_service;c:\users\user\AppData\Local\CrossLoop\winvnc.exe [2009-12-06 1590216]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-07 691696]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 218688]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
S2 CrossLoopService;CrossLoop Service;c:\users\user\AppData\Local\CrossLoop\CrossLoopService.exe [2010-03-15 560792]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2008-01-19 21504]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
S3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-27 27488]
S3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2010-02-05 66952]
S3 smscirrx;SMSC CIR Receive;c:\windows\system32\DRIVERS\smscirrx.sys [2007-02-02 40448]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthaudiosvc REG_MULTI_SZ HFGService
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
2011-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=en_EU&apn_uid=566BB0A5-F40A-4B7D-84E2-D508CF4FF7B5&apn_ptnrs=UJ&apn_sauid=E79AAAF9-5E4C-44D7-8628-2E895118FF46&apn_dtid=YYYYYYYYCZ&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: aTube Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-11 11:42
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\user\AppData\Local\Temp\UCG68D8.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3606463345-4270932653-1878259332-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,13,bd,6c,db,03,87,e9,5a,66,52,30,84,ab,1d,0e,7a,af,2a,e5,07,
d5,ba,19,0c,0f,5e,73,67,9a,f7,79,03,4a,a0,d4,53,d5,49,80,c3,e9,79,62,b7,61,\
"rkeysecu"=hex:d1,2d,7f,0a,d5,5e,72,da,a6,66,2c,7d,92,6b,05,74
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Common Files\Steam\SteamService.exe
.
**************************************************************************
.
Celkový čas: 2011-03-11 11:45:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-11 10:45
ComboFix2.txt 2011-03-09 15:42
ComboFix3.txt 2011-03-09 15:00
.
Před spuštěním: Volných bajtů: 11 222 052 864
Po spuštění: Volných bajtů: 11 089 158 144
.
- - End Of File - - 4EE350D07092DE63B60F1E9D8AB484E9
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1429 [GMT 1:00]
Spuštěný z: c:\users\user\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\user\Desktop\CFScript.txt.txt
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ICQ Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-11 do 2011-03-11 )))))))))))))))))))))))))))))))
.
.
2011-03-11 10:19 . 2011-03-11 10:42 -------- d-----w- c:\users\user\AppData\Local\temp
2011-03-11 10:19 . 2011-03-11 10:19 -------- d-----w- c:\users\Denis\AppData\Local\temp
2011-03-11 10:19 . 2011-03-11 10:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-11 07:23 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{583753CE-20A0-4E99-914F-8931B884C7F5}\mpengine.dll
2011-03-09 11:44 . 2011-03-09 11:44 -------- d-----w- c:\programdata\Codemasters
2011-03-09 11:16 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-03-09 11:16 . 2008-07-31 09:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-03-09 11:16 . 2008-07-31 09:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2011-03-09 11:16 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-03-09 11:16 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-03-09 10:47 . 2011-03-09 10:47 -------- d-----w- c:\users\user\AppData\Roaming\InstallShield
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- c:\program files\trend micro
2011-03-09 09:01 . 2011-03-09 09:02 -------- d-----w- C:\rsit
2011-03-09 08:04 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 08:04 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 08:04 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 08:04 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 08:04 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 08:04 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-02-13 18:38 . 2011-02-13 18:38 -------- d-----w- c:\programdata\Hewlett-Packard
2011-02-09 13:35 . 2010-12-31 13:57 2039808 ----a-w- c:\windows\system32\win32k.sys
2011-02-09 13:35 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-02-09 13:35 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 13:35 . 2010-10-15 14:08 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 13:35 . 2011-01-06 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-02-09 13:33 . 2011-01-20 16:08 478720 ----a-w- c:\windows\system32\dxgi.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-04 09:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-22 15:03 . 2011-01-22 15:03 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2010-12-28 15:55 . 2011-01-13 13:27 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 14:49 . 2011-01-13 13:27 1169408 ----a-w- c:\windows\system32\sdclt.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Steam"="c:\program files\Valve\Steam\steam.exe" [2010-11-17 1242448]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-11-07 328056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 4349952]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]
"PowerManager"="c:\program files\Power Manager\PM.exe" [2007-03-13 29696]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-24 107112]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-01 13797992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GarenaPEngine;GarenaPEngine;c:\users\user\AppData\Local\Temp\UCG68D8.tmp [x]
R3 GGSAFERDriver;GGSAFER Driver;d:\garena\safedrv.sys [x]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-10-24 37008]
R3 uvnc_service;uvnc_service;c:\users\user\AppData\Local\CrossLoop\winvnc.exe [2009-12-06 1590216]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-07 691696]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 218688]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
S2 CrossLoopService;CrossLoop Service;c:\users\user\AppData\Local\CrossLoop\CrossLoopService.exe [2010-03-15 560792]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2008-01-19 21504]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
S3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-27 27488]
S3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2010-02-05 66952]
S3 smscirrx;SMSC CIR Receive;c:\windows\system32\DRIVERS\smscirrx.sys [2007-02-02 40448]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthaudiosvc REG_MULTI_SZ HFGService
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
2011-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-03 16:10]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\om00x4ot.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=en_EU&apn_uid=566BB0A5-F40A-4B7D-84E2-D508CF4FF7B5&apn_ptnrs=UJ&apn_sauid=E79AAAF9-5E4C-44D7-8628-2E895118FF46&apn_dtid=YYYYYYYYCZ&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: aTube Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-11 11:42
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\user\AppData\Local\Temp\UCG68D8.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3606463345-4270932653-1878259332-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,13,bd,6c,db,03,87,e9,5a,66,52,30,84,ab,1d,0e,7a,af,2a,e5,07,
d5,ba,19,0c,0f,5e,73,67,9a,f7,79,03,4a,a0,d4,53,d5,49,80,c3,e9,79,62,b7,61,\
"rkeysecu"=hex:d1,2d,7f,0a,d5,5e,72,da,a6,66,2c,7d,92,6b,05,74
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Common Files\Steam\SteamService.exe
.
**************************************************************************
.
Celkový čas: 2011-03-11 11:45:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-11 10:45
ComboFix2.txt 2011-03-09 15:42
ComboFix3.txt 2011-03-09 15:00
.
Před spuštěním: Volných bajtů: 11 222 052 864
Po spuštění: Volných bajtů: 11 089 158 144
.
- - End Of File - - 4EE350D07092DE63B60F1E9D8AB484E9
Re: Zhoršený výkon Laptopu
Odinstalujte Combofix
- Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
- Napiste ComboFix /Uninstall
- Stisknete Enter
- Tohle smaze Combofix a jeho slozky
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis)Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Doporucuji provest defragmentaci disku
- Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
- Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
- Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace
Dejte novy log z RSIT a napiste jak se chova PC"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?