PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Do I have malware on my computer?

Are you not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Do I have malware on my computer?

#31 Post by motji »

Good afternoon :),
I would recommend that you check the computer with MBAM from time to time, but if it finds something, do not delete it; ask first, for example here.

And once in a while, as needed, you can post a log from RSIT here and I will take a look at it :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before removing viruses from the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

roomm
Visitor
Posts: 47
Registered: 16 Mar 2009 11:15

Re: Do I have malware on my computer?

#32 Post by roomm »

The MBAM quick scan is OK.
Should I post the full one too?




Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4422

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

7.10.2010 17:40:26
mbam-log-2010-10-07 (17-40-26).txt

Typ skenu: Rychlý sken
Skenované objekty: 159232
Uplynulý čas: 7 minuta(y), 45 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

roomm
Visitor
Posts: 47
Registered: 16 Mar 2009 11:15

Re: Do I have malware on my computer?

#33 Post by roomm »

RSIT


Logfile of random's system information tool 1.08 (written by random/random)
Run by User at 2010-10-07 17:43:02
Microsoft Windows 7 Home Premium
System drive C: has 195 GB (32%) free of 610 GB
Total RAM: 4030 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:43:05, on 7.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\Portrait Displays\HP Display Assistant\DTHtml.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Adobe Photoshop CS4\Photoshop.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files\trend micro\User.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [DT HWP] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HWP
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Asset Management Daemon - Unknown owner - C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\Windows\system32\astsrv.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14091 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe"
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\astsrv.exe
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
"C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe" View=show_in_tray
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe"
"C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"C:\Program Files (x86)\Portrait Displays\HP Display Assistant\DTHtml.exe" -Customer=HWP -startup_folder
"C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c317f16d-ec60-498f-be30-c2d965fa0baf -SystemEventPortName:HostProcess-d539857d-1115-477e-aa05-c350d54dd02e -IoCancelEventPortName:HostProcess-2ccdc3fe-4520-4ece-bc90-78e61279ea65 -NonStateChangingEventPortName:HostProcess-a8111f2f-0a11-44ad-8e7a-564cfec09697 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b67f5799-1c37-4aa4-921a-79a29fc5dcea
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.02F0EC00.1245374632 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.04D8C300.1982962928 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.02F02780.1281667685 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.02F78D80.154083382 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.02F22780.1021249752 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.02F22480.124424929 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.02F02D80.1998579564 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_1/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.02F02480.1651681237 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_1/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.02F02600.185923363 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_1/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.02F0E780.200626654 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path=C:\Users\User\AppData\Local\Google\Chrome\Application\6.0.472.63\gcswf32.dll --lang=cs --plugin-data-dir="C:\Users\User\AppData\Local\Google\Chrome\User Data\Default" --channel=1972.08290E4C.1255932575 /prefetch:4
"C:\Program Files (x86)\Adobe\Adobe Photoshop CS4\Photoshop.exe"
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_1/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.02F0ED80.1681425381 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_1/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.04D83900.177421901 /prefetch:3
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_1/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=1972.04D83600.1683488564 /prefetch:3
"C:\Program Files\Adobe\Adobe Photoshop Lightroom 3\lightroom.exe"
"C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "C:\Users\User\Pictures\_MANDALY\IMG_5825_pano copy 3.jpg"
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\User\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-10-07 (17-40-26).txt
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\User\Downloads\RSITx64.exe"
taskeng.exe {46DD6DDA-486F-448C-B69F-A68A6971CAB0}
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-250642317-2044581209-3884301123-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-250642317-2044581209-3884301123-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2009-12-19 500208]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2716216]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-11 135664]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"Google Desktop Search"=C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-26 30192]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"UpdatePDRShortCut"=C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2009-12-15 515560]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-01-08 392424]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"PivotSoftware"=C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [2009-03-03 694824]
"DT HWP"=C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [2009-06-26 86016]
"HTC Sync Loader"=C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2010-08-18 249856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-10-07 17:43:02 ----D---- C:\rsit
2010-10-07 17:13:16 ----SHD---- C:\Config.Msi
2010-10-07 12:23:45 ----D---- C:\Users\User\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2010-10-07 12:23:32 ----D---- C:\Users\User\AppData\Roaming\HTC
2010-10-07 12:17:55 ----D---- C:\Program Files (x86)\Spirent Communications
2010-10-07 12:17:33 ----D---- C:\Program Files (x86)\HTC
2010-10-06 13:48:24 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-10-06 13:48:22 ----D---- C:\Program Files\Common Files\DESIGNER
2010-10-06 13:47:51 ----D---- C:\Windows\PCHEALTH
2010-10-06 13:47:51 ----D---- C:\Program Files\Microsoft Sync Framework
2010-10-06 13:47:51 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-10-06 13:43:50 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-10-06 13:42:14 ----D---- C:\Program Files\Microsoft Analysis Services
2010-10-06 13:42:13 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2010-10-06 13:38:36 ----D---- C:\Program Files\Microsoft Office
2010-10-06 13:34:18 ----RHD---- C:\MSOCache
2010-10-06 12:17:28 ----D---- C:\Users\User\AppData\Roaming\DisplayTune
2010-10-06 12:08:22 ----A---- C:\Windows\SYSWOW64\Machnm32.sys
2010-10-06 12:07:51 ----A---- C:\Windows\system32\drivers\PdiPorts.sys
2010-10-06 12:07:36 ----A---- C:\Windows\msvcr70.dll
2010-10-06 12:07:36 ----A---- C:\Windows\msvcp70.dll
2010-10-06 12:07:35 ----A---- C:\Windows\msvcr80.dll
2010-10-06 12:07:35 ----A---- C:\Windows\msvcp80.dll
2010-10-06 12:07:35 ----A---- C:\Windows\msvcm80.dll
2010-10-06 12:07:35 ----A---- C:\Windows\msvbvm60.dll
2010-10-06 12:07:35 ----A---- C:\Windows\mfcm80u.dll
2010-10-06 12:07:35 ----A---- C:\Windows\mfcm80.dll
2010-10-06 12:07:35 ----A---- C:\Windows\mfc80u.dll
2010-10-06 12:07:35 ----A---- C:\Windows\mfc80.dll
2010-10-06 12:07:35 ----A---- C:\Windows\mfc70.dll
2010-10-06 12:07:35 ----A---- C:\Windows\ijl15.dll
2010-10-06 12:07:35 ----A---- C:\Windows\atl80.dll
2010-10-06 12:07:25 ----D---- C:\Program Files (x86)\Portrait Displays
2010-10-05 15:30:11 ----A---- C:\Windows\Easy DVD Creator.INI
2010-10-05 15:29:29 ----D---- C:\Program Files (x86)\Easy DVD Creator
2010-10-04 18:12:52 ----D---- C:\Program Files (x86)\VideoConverter
2010-10-04 17:12:51 ----A---- C:\Windows\SYSWOW64\ssubtmr6.dll
2010-09-29 15:31:08 ----A---- C:\Windows\system32\drivers\ks.sys
2010-09-29 09:27:55 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-09-29 09:27:55 ----A---- C:\Windows\system32\tzres.dll
2010-09-27 11:36:38 ----D---- C:\Program Files\ESET
2010-09-15 21:06:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-09-15 21:06:37 ----A---- C:\Windows\system32\iertutil.dll
2010-09-15 07:09:07 ----A---- C:\Windows\system32\spoolsv.exe

======List of files/folders modified in the last 1 months======

2010-10-07 17:43:05 ----D---- C:\Windows\Temp
2010-10-07 17:43:04 ----D---- C:\Program Files\trend micro
2010-10-07 17:25:04 ----D---- C:\Windows\system32\config
2010-10-07 17:19:12 ----A---- C:\Windows\SYSWOW64\log.txt
2010-10-07 17:18:54 ----HD---- C:\ProgramData
2010-10-07 17:13:21 ----SHD---- C:\Windows\Installer
2010-10-07 17:13:20 ----RD---- C:\Program Files (x86)
2010-10-07 17:12:58 ----D---- C:\ProgramData\Lavasoft
2010-10-07 17:12:57 ----DC---- C:\Windows\system32\DRVSTORE
2010-10-07 17:12:57 ----D---- C:\Windows\system32\drivers
2010-10-07 17:12:56 ----D---- C:\Windows\System32
2010-10-07 16:55:34 ----D---- C:\Windows\Tasks
2010-10-07 12:58:01 ----D---- C:\ProgramData\Microsoft Help
2010-10-07 12:57:37 ----SHD---- C:\System Volume Information
2010-10-07 12:18:04 ----D---- C:\Windows\system32\DriverStore
2010-10-07 12:18:04 ----D---- C:\Windows\system32\catroot
2010-10-07 12:18:04 ----D---- C:\Windows\inf
2010-10-07 12:18:01 ----AD---- C:\Windows
2010-10-07 12:17:29 ----D---- C:\Users\User\AppData\Roaming\Adobe
2010-10-07 12:17:28 ----D---- C:\Program Files (x86)\Adobe
2010-10-07 11:42:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-06 19:03:01 ----RSD---- C:\Windows\assembly
2010-10-06 19:03:01 ----D---- C:\Windows\Microsoft.NET
2010-10-06 13:51:42 ----D---- C:\Windows\winsxs
2010-10-06 13:51:10 ----D---- C:\Windows\system32\Tasks
2010-10-06 13:49:57 ----RSD---- C:\Windows\Fonts
2010-10-06 13:49:51 ----D---- C:\Windows\system32\wbem
2010-10-06 13:49:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-10-06 13:49:20 ----D---- C:\Program Files (x86)\MSBuild
2010-10-06 13:48:24 ----RD---- C:\Program Files
2010-10-06 13:48:24 ----D---- C:\Windows\ShellNew
2010-10-06 13:48:22 ----D---- C:\Program Files\Common Files
2010-10-06 13:47:51 ----SD---- C:\ProgramData\Microsoft
2010-10-06 13:47:51 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-10-06 13:42:52 ----A---- C:\Windows\win.ini
2010-10-06 13:42:51 ----D---- C:\Program Files\Common Files\System
2010-10-06 13:38:58 ----D---- C:\Program Files (x86)\Microsoft Office
2010-10-06 13:27:06 ----D---- C:\Windows\SysWOW64
2010-10-06 13:27:05 ----D---- C:\Program Files (x86)\Common Files
2010-10-06 13:04:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-10-06 13:04:12 ----D---- C:\ProgramData\onOne Software
2010-10-06 13:03:54 ----D---- C:\Users\User\AppData\Roaming\onOne Software
2010-10-06 09:48:46 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2010-10-06 09:47:11 ----D---- C:\Windows\Prefetch
2010-10-06 07:42:51 ----D---- C:\Users\User\AppData\Roaming\uTorrent
2010-10-06 07:37:43 ----D---- C:\Windows\system32\catroot2
2010-10-03 20:21:51 ----D---- C:\Program Files (x86)\Google
2010-09-30 03:44:28 ----D---- C:\Windows\rescache
2010-09-30 03:16:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-09-30 03:16:57 ----D---- C:\Windows\system32\cs-CZ
2010-09-30 03:16:57 ----D---- C:\Program Files\Internet Explorer
2010-09-30 03:16:57 ----D---- C:\Program Files (x86)\Internet Explorer
2010-09-29 16:31:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-09-15 21:07:09 ----A---- C:\Windows\system32\MRT.exe
2010-09-15 20:55:18 ----D---- C:\Users\User\AppData\Roaming\Skype
2010-09-15 16:00:49 ----D---- C:\Users\User\AppData\Roaming\skypePM
2010-09-14 10:41:24 ----D---- C:\Users\User\AppData\Roaming\PTGui

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-29 136584]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 85424]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-29 144824]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-09-29 123200]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 PdiPorts;Portrait Displays low level device driver; C:\Windows\system32\DRIVERS\PdiPorts.sys [2009-05-27 20520]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 5504]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 Asset Management Daemon;Asset Management Daemon; C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe [2009-06-26 118784]
R2 astcc;AST Service; C:\Windows\syswow64\astsrv.exe [2009-11-20 57344]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [2009-06-26 69632]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-09-29 735960]
R2 LMS;Intel(R) Active Management Technology Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2007-05-29 105240]
R2 NMSAccess;NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 159336]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-05-27 109096]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe [2010-04-02 186760]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WDDMService;WD SmartWare Drive Manager Service; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 116224]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-11 135664]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 23296]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-02-11 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-11 655624]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-26 30192]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2009-12-15 515560]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-13 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Do I have malware on my computer?

#34 Post by motji »

You can run a full mbam scan.
Are you having any problems with the computer?

roomm
Visitor
Posts: 47
Joined: 16 Mar 2009 11:15

Re: Do I have malware on my computer?

#35 Post by roomm »

Probably not, but when I have Outlook open it keeps crunching away... so I'm wondering whether it's up to something...

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Do I have malware on my computer?

#36 Post by motji »

And it isn't going on any night-time outings, is it? :D


Download OTL: http://oldtimer.geekstogo.com/OTL.exe
- Save it to the desktop and run the file OTL.exe.
- Copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- Tick the "For all users" box.
- Tick the boxes for the "LOP" malware check and the "Purity" malware check.
- Click the Scan button.
- When the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)

roomm
Visitor
Posts: 47
Joined: 16 Mar 2009 11:15

Re: Do I have malware on my computer?

#37 Post by roomm »

full scan

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4422

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

8.10.2010 0:04:39
mbam-log-2010-10-08 (00-04-39).txt

Typ skenu: Úplný sken (C:\|J:\|)
Skenované objekty: 540115
Uplynulý čas: 1 hodina(y), 29 minuta(y), 31 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

roomm
Visitor
Posts: 47
Joined: 16 Mar 2009 11:15

Re: Do I have malware on my computer?

#38 Post by roomm »

After the full scan, OTL tells me: Cannot create file: C:\User\User\Destktop\cmd.bat

????

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Do I have malware on my computer?

#39 Post by motji »

And it doesn't give you a log? Try running it in safe mode.

roomm
Visitor
Posts: 47
Joined: 16 Mar 2009 11:15

Re: Do I have malware on my computer?

#40 Post by roomm »

Yeah, that worked. But one thing struck me as odd: when shutting down Windows, a message appeared about closing a background program, but its name wasn't shown... ???

Here are the files from OTL

EXTRAS


OTL Extras logfile created on: 8.10.2010 10:24:21 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 188,58 Gb Free Space | 31,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 465,65 Gb Total Space | 30,52 Gb Free Space | 6,55% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 446,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive J: | 930,86 Gb Total Space | 881,72 Gb Free Space | 94,72% Space Free | Partition Type: NTFS
Drive M: | 3,79 Gb Total Space | 3,71 Gb Free Space | 97,93% Space Free | Partition Type: FAT32

Computer Name: GRAFIKA
Current User Name: User
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-250642317-2044581209-3884301123-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
.js [@ = jsfile] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [ACDSee Pro 3.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 3.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{056B9C5B-2E8D-4EBC-941C-06C78A30ABB3}" = Microsoft_VC80_ATL_x86_x64
"{1387BA33-3FAC-49E9-B545-0E8D3BBC550B}" = Adobe Photoshop Lightroom 3 64-bit
"{138D2BE4-7981-4F34-BA23-81B6B99D0DE6}" = Microsoft_VC80_MFCLOC_x86_x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{37EA4EB5-2C4D-40CC-9EB1-762F1711ECDE}" = Adobe Photoshop Lightroom 2.2 64-bit
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D46855F-7B71-4CF7-A270-62E0E4F05037}" = Microsoft_VC80_CRT_x86_x64
"{4183655A-5FC6-4A23-A804-7764145EC57C}" = ESET NOD32 Antivirus
"{47A70BC0-BB3E-468B-9E01-56CCD6F2A911}" = Microsoft_VC80_MFC_x86_x64
"{624DEC4B-C864-4B33-AF6C-D1C290F23C7C}" = The Panorama Factory V5 x64 Edition
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8D93BD99-EECF-4812-B3BA-B8A2E7FEEA11}" = Topaz Simplify 3 (64-bit)
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A8BB73DB-199D-4917-B7CB-32FAAC4B820D}" = Topaz Adjust 3 (64-bit)
"{A981E64B-0F10-45D9-BD5C-A4DF7B87E218}" = Topaz Detail 2 (64-bit)
"{B36AB323-9849-4486-AB8F-93E64A06E716}" = WD SmartWare
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA85C599-2569-4C48-9AA6-2B8D8F029FA7}" = Topaz Clean 3 (64-bit)
"{FB237A35-F491-4AC1-95E0-85118D6751D9}" = Topaz Adjust 4 (64-bit)
"Autopano Giga" = Autopano Giga
"MESOL" = Intel(R) Active Management Technology Device Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17B371B7-740F-4C83-BDFE-0C3A2C585103}" = HP Display Assistant
"{1AD22277-7A1E-71EC-B27D-EB7A22BED143}" = DeepBurner Pro v1.9.0.228
"{1B280FAF-AE10-4E31-A41A-DB3917D651DC}" = ACDSee Pro 3
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{359FC4B0-29ED-4CA8-AD66-CF436931F492}" = Adobe Flash Player 10 Plugin
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{46181E57-7362-4FCC-A30E-6E31429E160F}_is1" = NaviComputer V0.93
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5E684419-44E3-46EE-A43C-A60082CBF4EC}" = Topaz Adjust 3
"{61A64EFD-2CEC-4C6E-91DE-5EDE74C25ED9}" = Jalbum
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FF0ACFE-4346-4D9D-B822-C69B99AAE1FC}" = Microsoft_VC80_MFCLOC_x86
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}" = Topaz Clean 3
"{875F9A42-D47B-43E6-BA68-29D1895188D5}_is1" = Dynamic Auto-Painter 2.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A1EBF29-7CF8-471E-B90B-95FF36AC8248}" = Topaz Simplify 3
"{8AE28FB8-B8AE-4B58-A5FE-77F45E462BAE}" = Microsoft_VC80_MFC_x86
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{952D88D2-3E6F-4E40-8553-8070FEFCE5CD}" = Adobe Creative Suite 5 Master Collection
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FDC7042-CB9F-4336-A14C-DF10F53762E2}" = Topaz Adjust 4
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1029-7B44-A90000000001}" = Adobe Reader 9 - Czech
"{AF890091-2603-C1C6-DCD6-B8799D4FB464}" = Adobe Community Help
"{AFC02C27-473F-4EC5-9372-30771EFFB35F}" = VC80_CRT_x86
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C921D7C4-24D7-4210-AEE9-DFC5DDC78428}" = Topaz Detail 2
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB07E706-5DD7-4093-83A1-1430D5B6FA75}" = Microsoft_VC80_ATL_x86
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{DB249302-FB94-4578-84FE-7B856C315779}" = HTC Sync
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E5C8C4ED-A76A-49F3-BDB8-56DEEE92F19B}" = 602XML Filler
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{E8FF78D0-4D1C-4B2D-AC80-670F135F5461}" = Poladroid
"{EFB786FD-D916-416B-A23A-1EBEAF4A9DDC}" = Adobe Flash Player 10 ActiveX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"602XMLFiller_CAB" = 602XML Filler rozšíření pro Internet Explorer
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Amara - Flash Intro and Banner Builder" = Amara - Flash Intro and Banner Builder
"Amara - Flash Photo Animation Software" = Amara - Flash Photo Animation Software
"Artisteer 2" = Artisteer 2
"CleanUp!" = CleanUp!
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Creative Photos" = Creative Photos 1.7.3.1
"DesetiPrsty5" = DesetiPrsty5 5.2
"DevalVR for Netscape" = DevalVR plugin for Netscape and compatible browsers
"DPP" = Canon Utilities Digital Photo Professional 3.5
"Easy DVD Creator_is1" = Easy DVD Creator 2.2.1
"EOS Utility" = Canon Utilities EOS Utility
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1
"Google Desktop" = Google Desktop
"GreenBox_is1" = GreenBox 1.0
"Hugin_release_is1" = Hugin 2009.4.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"LogoMaker_is1" = LogoMaker 3.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ocllxljyesvznp" = Tagging System Cashtitan
"Pano2VR" = Pano2VR - Garden Gnome Software
"Panoweaver600_pro_is1" = Panoweaver Professional Edition
"Photodex Presenter" = Photodex Presenter
"Picasa 3" = Picasa 3
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PowerISO" = PowerISO
"ProShow Producer" = ProShow Producer
"PSPad editor_is1" = PSPad editor
"PTGui" = PTGui Pro 8.3.7
"Totalcmd" = Total Commander (Remove or Repair)
"Viewer2" = Viewer2
"winscp3_is1" = WinSCP 4.2.7
"WYSIWYG_Web_Builder_7" = WYSIWYG Web Builder 7

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-250642317-2044581209-3884301123-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7.10.2010 14:07:52 | Computer Name = GRAFIKA | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 7.10.2010 16:37:00 | Computer Name = GRAFIKA | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 7.10.2010 17:12:17 | Computer Name = GRAFIKA | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 7.10.2010 18:14:40 | Computer Name = GRAFIKA | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 7.10.2010 19:11:07 | Computer Name = GRAFIKA | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 7.10.2010 20:02:27 | Computer Name = GRAFIKA | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 8.10.2010 1:43:56 | Computer Name = GRAFIKA | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 8.10.2010 2:03:48 | Computer Name = GRAFIKA | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 8.10.2010 3:09:58 | Computer Name = GRAFIKA | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 8.10.2010 4:12:53 | Computer Name = GRAFIKA | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

[ System Events ]
Error - 29.9.2010 4:49:45 | Computer Name = GRAFIKA | Source = DCOM | ID = 10010
Description =

Error - 29.9.2010 10:34:53 | Computer Name = GRAFIKA | Source = DCOM | ID = 10010
Description =

Error - 29.9.2010 10:38:23 | Computer Name = GRAFIKA | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace systému Windows 7 pro systémy platformy
x64 (KB2158563).

Error - 29.9.2010 10:38:23 | Computer Name = GRAFIKA | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace pro seznam Kompatibilní zobrazení aplikace
Internet Explorer 8 pro systém Windows 7 x64 (KB2362765).

Error - 29.9.2010 10:46:51 | Computer Name = GRAFIKA | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace systému Windows 7 pro systémy platformy
x64 (KB979538).

Error - 29.9.2010 21:24:28 | Computer Name = GRAFIKA | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.

Error - 3.10.2010 13:36:48 | Computer Name = GRAFIKA | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80070643): Definition Update for Windows Defender - KB915597
(Definition 1.91.961.0).

Error - 4.10.2010 12:31:31 | Computer Name = GRAFIKA | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 4.10.2010 12:31:31 | Computer Name = GRAFIKA | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 5.10.2010 15:32:32 | Computer Name = GRAFIKA | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby RapiMgr bylo dosaženo časového
limitu (30000 ms).


< End of report >

roomm
Visitor
Posts: 47
Registered: 16 Mar 2009 11:15

Re: Do I have malware on my computer?

#41 Post by roomm »

OTL

OTL logfile created on: 8.10.2010 10:24:21 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 188,58 Gb Free Space | 31,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 465,65 Gb Total Space | 30,52 Gb Free Space | 6,55% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 446,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive J: | 930,86 Gb Total Space | 881,72 Gb Free Space | 94,72% Space Free | Partition Type: NTFS
Drive M: | 3,79 Gb Total Space | 3,71 Gb Free Space | 97,93% Space Free | Partition Type: FAT32

Computer Name: GRAFIKA
Current User Name: User
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.10.08 08:08:39 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe


========== Modules (SafeList) ==========

MOD - [2010.10.08 08:08:39 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Windows\SysNative\astsrv.exe -- (astcc)
SRV:64bit: - [2010.02.11 21:07:54 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.01.21 18:13:58 | 051,445,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV:64bit: - [2010.01.09 20:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV:64bit: - [2009.10.14 15:31:44 | 000,116,224 | ---- | M] (WDC) [Auto | Stopped] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2009.09.29 13:11:14 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009.09.29 13:03:46 | 000,735,960 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.06.26 20:34:31 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.04.02 13:43:55 | 000,186,760 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe -- (ScsiAccess)
SRV - [2010.03.18 17:23:04 | 000,044,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010.03.18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010.02.11 21:06:41 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.12.15 00:43:20 | 000,515,560 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.20 15:23:40 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Stopped] -- C:\Windows\SysWOW64\ASTSRV.EXE -- (astcc)
SRV - [2009.06.26 12:20:20 | 000,118,784 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe -- (Asset Management Daemon)
SRV - [2009.06.26 12:17:10 | 000,069,632 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2009.06.16 10:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Stopped] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009.05.27 17:51:42 | 000,109,096 | ---- | M] (Portrait Displays, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.05.29 17:14:02 | 000,105,240 | ---- | M] (Intel) [Auto | Stopped] -- C:\Program Files (x86)\Intel\AMT\LMS.exe -- (LMS) Intel(R)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009.09.29 13:06:16 | 000,123,200 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2009.09.29 13:03:00 | 000,136,584 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009.09.29 12:56:36 | 000,144,824 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1e6032e.sys -- (e1express) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.27 17:51:24 | 000,020,520 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PdiPorts.sys -- (PdiPorts)
DRV:64bit: - [2009.02.13 13:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F5 20 B8 C9 32 AB CA 01 [binary data]
IE - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.09.27 11:36:38 | 000,000,000 | ---D | M]

[2010.05.24 18:26:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Mozilla\Extensions
[2010.05.24 18:26:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com

O1 HOSTS File: ([2010.08.12 16:03:36 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DT HWP] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\..Trusted Domains: localhost ([]http in Místní intranet)
O15 - HKU\S-1-5-21-250642317-2044581209-3884301123-1000\..Trusted Ranges: GD ([http] in Místní intranet)
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ctivex.cab (Reg Error: Key error.)
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0 (Active602XMLFiller Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.22 15:45:13 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.10.12 15:20:28 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009.06.18 23:12:18 | 000,000,088 | ---- | M] () - I:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{97dd7961-173f-11df-b988-0019d1ae65bf}\Shell - "" = AutoRun
O33 - MountPoints2\{97dd7961-173f-11df-b988-0019d1ae65bf}\Shell\AutoRun\command - "" = I:\WD SmartWare.exe -- [2009.08.17 19:53:00 | 002,770,432 | ---- | M] (Western Digital)
O33 - MountPoints2\{ac15535f-39b7-11df-b02e-0019d1ae65bf}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.10.08 08:08:31 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2010.10.07 17:43:02 | 000,000,000 | ---D | C] -- C:\rsit
[2010.10.07 17:13:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.10.07 12:23:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2010.10.07 12:23:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\HTC
[2010.10.07 12:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spirent Communications
[2010.10.07 12:17:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC
[2010.10.06 13:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2010.10.06 13:48:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010.10.06 13:47:51 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.10.06 13:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010.10.06 13:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010.10.06 13:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010.10.06 13:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2010.10.06 13:42:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2010.10.06 13:38:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010.10.06 13:34:18 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.10.06 12:17:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\DisplayTune
[2010.10.06 12:07:51 | 000,020,520 | ---- | C] (Portrait Displays, Inc.) -- C:\Windows\SysNative\drivers\PdiPorts.sys
[2010.10.06 12:07:36 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcp70.dll
[2010.10.06 12:07:36 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcr70.dll
[2010.10.06 12:07:35 | 001,392,671 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvbvm60.dll
[2010.10.06 12:07:35 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\mfc80.dll
[2010.10.06 12:07:35 | 001,093,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\mfc80u.dll
[2010.10.06 12:07:35 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\mfc70.dll
[2010.10.06 12:07:35 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcr80.dll
[2010.10.06 12:07:35 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcp80.dll
[2010.10.06 12:07:35 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcm80.dll
[2010.10.06 12:07:35 | 000,372,736 | ---- | C] (Intel Corporation) -- C:\Windows\ijl15.dll
[2010.10.06 12:07:35 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\atl80.dll
[2010.10.06 12:07:35 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\mfcm80.dll
[2010.10.06 12:07:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\mfcm80u.dll
[2010.10.06 12:07:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Portrait Displays
[2010.10.06 12:07:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Portrait Displays
[2010.10.05 16:19:09 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\InstantCDDVD
[2010.10.05 15:29:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy DVD Creator
[2010.10.04 18:12:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoConverter
[2010.10.04 17:12:51 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\ssubtmr6.dll
[2010.10.04 17:12:51 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\Windows\SysWow64\trayicon_handler.ocx
[2010.09.29 15:31:08 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2010.09.27 11:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.09.15 21:06:37 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll

========== Files - Modified Within 30 Days ==========

[2010.10.08 10:23:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.08 10:23:26 | 3169,153,024 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.08 10:21:33 | 007,340,032 | -HS- | M] () -- C:\Users\User\NTUSER.DAT
[2010.10.08 10:21:15 | 002,329,833 | -H-- | M] () -- C:\Users\User\AppData\Local\IconCache.db
[2010.10.08 10:20:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.08 09:43:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-250642317-2044581209-3884301123-1000UA.job
[2010.10.08 08:08:39 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2010.10.08 07:41:07 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-250642317-2044581209-3884301123-1000Core.job
[2010.10.07 22:48:43 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.07 17:28:58 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.07 17:28:58 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.07 17:19:06 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.10.07 16:55:34 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010.10.07 12:20:06 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2010.10.07 11:42:14 | 000,668,610 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.10.07 11:42:14 | 000,654,354 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.07 11:42:14 | 000,140,246 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.10.07 11:42:14 | 000,121,226 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.07 11:42:13 | 001,583,058 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.07 11:09:22 | 000,001,262 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2010.10.07 10:34:12 | 005,147,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.10.06 20:16:43 | 000,018,432 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.06 14:10:04 | 000,155,248 | ---- | M] () -- C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.10.06 13:42:52 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010.10.06 09:48:46 | 001,561,520 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.05 15:49:23 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010.10.05 15:30:18 | 000,000,067 | ---- | M] () -- C:\Windows\Easy DVD Creator.INI
[2010.09.15 18:46:36 | 000,000,477 | ---- | M] () -- C:\Users\User\AppData\Roaming\Poladroid prefs.plist

========== Files Created - No Company Name ==========

[2010.10.07 12:20:06 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2010.10.06 14:01:55 | 000,001,262 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2010.10.06 12:08:22 | 000,007,432 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys
[2010.10.06 12:07:51 | 000,007,164 | ---- | C] () -- C:\pdiports.cat
[2010.10.06 12:07:51 | 000,002,853 | ---- | C] () -- C:\pdiports64.inf
[2010.10.06 12:07:35 | 000,002,371 | ---- | C] () -- C:\Windows\Microsoft.VC80.MFC.manifest
[2010.10.06 12:07:35 | 000,001,869 | ---- | C] () -- C:\Windows\Microsoft.VC80.CRT.manifest
[2010.10.06 12:07:35 | 000,000,456 | ---- | C] () -- C:\Windows\Microsoft.VC80.ATL.manifest
[2010.10.06 11:47:19 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010.10.05 15:30:11 | 000,000,067 | ---- | C] () -- C:\Windows\Easy DVD Creator.INI
[2010.09.01 16:17:38 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010.07.30 07:54:20 | 000,001,456 | ---- | C] () -- C:\Users\User\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010.07.21 12:14:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.29 08:10:27 | 000,000,600 | ---- | C] () -- C:\Users\User\AppData\Roaming\winscp.rnd
[2010.06.01 16:44:52 | 000,169,984 | ---- | C] () -- C:\Windows\SysWow64\glut32.dll
[2010.06.01 16:44:52 | 000,169,984 | ---- | C] () -- C:\Windows\SysWow64\glut.dll
[2010.06.01 16:44:52 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\PW6ContextMenu.dll
[2010.03.29 09:38:22 | 001,561,520 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.03.24 11:56:44 | 000,000,477 | ---- | C] () -- C:\Users\User\AppData\Roaming\Poladroid prefs.plist
[2010.03.06 16:03:21 | 000,000,000 | ---- | C] () -- C:\Windows\binxz.INI
[2010.02.23 19:04:13 | 000,018,432 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.12 09:51:37 | 000,000,017 | ---- | C] () -- C:\Users\User\AppData\Local\resmon.resmoncfg
[2010.02.11 19:52:54 | 000,038,451 | ---- | C] () -- C:\Users\User\AppData\Roaming\Comma Separated Values (Windows).ADR
[2009.09.30 14:52:56 | 009,916,928 | ---- | C] () -- C:\Windows\SysWow64\tliadjust34.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2005.02.03 01:50:28 | 000,004,224 | ---- | C] () -- C:\Windows\SysWow64\StarOpen.sys

========== LOP Check ==========

[2010.08.03 08:07:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\602XML
[2010.02.12 11:04:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ACD Systems
[2010.05.11 18:40:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Artisteer
[2010.07.22 15:54:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Autodesk
[2010.03.23 15:58:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Axara
[2010.09.01 16:20:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Canneverbe Limited
[2010.05.18 13:32:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Canon
[2010.06.04 14:16:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\com.adobe.bridge.PublishPanel
[2010.07.08 09:49:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DeepBurner Pro
[2010.10.06 12:17:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DisplayTune
[2010.05.13 09:21:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GardenGnomeSoftware
[2010.06.08 08:13:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GetRightToGo
[2010.02.11 22:16:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GHISLER
[2010.10.07 12:23:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HTC
[2010.10.07 12:23:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2010.02.12 16:36:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Jalbum
[2010.06.03 09:54:34 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\krpano
[2010.04.30 13:37:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\LogoMaker
[2010.07.08 08:11:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Mask Pro 4.0
[2010.04.02 13:43:58 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Netscape
[2010.10.06 13:03:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\onOne Software
[2010.02.11 15:23:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenOffice.org
[2010.04.02 13:36:40 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Photodex
[2010.09.14 10:41:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PTGui
[2010.06.04 14:57:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\StageManager
[2010.10.06 07:42:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2010.05.31 11:03:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Viewer2
[2010.05.24 18:29:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Vivox
[2010.02.12 09:50:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Western Digital
[2010.10.07 16:55:34 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010.09.02 08:14:53 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Do I have malware on my computer?

#42 Post by motji »

I don't see anything in the log :o , has that program in the background ever shown up for you before? For example, I sometimes get a smiley displayed :D and I found out that it belongs to QIP.

roomm
Visitor
Posts: 47
Joined: 16 Mar 2009 11:15

Re: Do I have malware on my computer?

#43 Post by roomm »

I only saw it once, so the next time I shut down the PC I'll watch for it...

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Do I have malware on my computer?

#44 Post by motji »

All right, write if anything comes up.
:)

roomm
Visitor
Posts: 47
Joined: 16 Mar 2009 11:15

Re: Do I have malware on my computer?

#45 Post by roomm »

I need some advice: my PC has been gradually getting slower and slower... to the point that it now feels like it is running at about 50%. Is there any software that would get it back into shape?

Thank you very much for your reply.
