Check

Posted: 22 Jul 2010 16:20
by Zizou
Hello. I don't have any problems with the PC, it's just that lately this message has been popping up when I turn the PC on:

Při spouštění souboru C:\Windows\system32\sshnas21.dll došlo k problému.

Uvedený model nebyl nalezen.
Please check the whole log (as a precaution) and help remove the problem mentioned above, thank you.

I'm attaching the log here.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Honzik at 2010-07-22 17:15:05
Microsoft Windows 7 Ultimate
System drive C: has 224 GB (37%) free of 610 GB
Total RAM: 3062 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:15:16, on 22.7.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Fraps\fraps.exe
C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Gaming Mouse\Gaming 3.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\MiniCLIP\mclip.exe
C:\Program Files\FastStone Capture\FSCapture.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Honzik\Desktop\RSIT.exe
C:\Program Files\trend micro\Honzik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/skins7/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Gaming 3] "C:\Gaming Mouse\Gaming 3.exe" /hide
O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\TNod User & Password Finder\TNODUP.exe" /i
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Honzik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Halo2] rundll32.exe C:\Windows\system32\sshnas21.dll,GetMainWnd
O4 - HKCU\..\Run: [JDK5SWFMZY] C:\Users\Honzik\AppData\Local\Temp\Gw1.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: FastStone Capture.lnk = C:\Program Files\FastStone Capture\FSCapture.exe
O4 - Startup: Obsah aplikace OneNote.onetoc2
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: MiniCLIP.lnk = C:\Program Files\MiniCLIP\mclip.exe
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Add to &Evernote - res://C:\Program Files\Evernote\Evernote3.5\enbar.dll/2000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - (no file)
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - (no file)
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0375510637
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9489266859
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9ba1b510f0c16) (gupdate1c9ba1b510f0c16) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 13194 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-350281380-233495102-1455855570-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-350281380-233495102-1455855570-1004UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1532298954-1417001333-1004.job
C:\Windows\tasks\NeroLiveEpgUpdate-ZIZOU_Honzik.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2008-11-18 36864]
"LogonStudio"=C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe [2002-09-03 987187]
"Six Engine"=C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13 5974528]
"TurboV"=C:\Program Files\ASUS\TurboV\TurboV.exe [2008-10-21 4040192]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"VolPanel"=C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe [2008-08-27 233588]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"Gaming 3"=C:\Gaming Mouse\Gaming 3.exe [2009-11-09 1216512]
"TNOD UP"=C:\Program Files\TNod User & Password Finder\TNODUP.exe [2010-04-02 1811968]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-04-07 2145000]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2010-06-23 1699128]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2009-07-14 144384]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2010-04-29 248832]
"Google Update"=C:\Users\Honzik\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-17 133104]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"fsm"= []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Steam"=c:\program files\steam\steam.exe [2010-07-05 1238352]
"AdobeBridge"= []
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-07-06 133368]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"Halo2"=C:\Windows\system32\sshnas21.dll,GetMainWnd []
"JDK5SWFMZY"=C:\Users\Honzik\AppData\Local\Temp\Gw1.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MiniCLIP.lnk - C:\Program Files\MiniCLIP\mclip.exe

C:\Users\Honzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FastStone Capture.lnk - C:\Program Files\FastStone Capture\FSCapture.exe
Obsah aplikace OneNote.onetoc2
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll [2009-10-02 128360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticecaption"=
"legalnoticetext"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Users\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Users\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Activision\Prototype\prototypef.exe"="C:\Program Files\Activision\Prototype\prototypef.exe:*:Enabled:Prototype(TM)"
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM) "
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM) "
"C:\Program Files\Codemasters\FUEL\FUEL.exe"="C:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe"="C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe"="C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\FlashGet\FlashGet.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe"="C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\WINDOWS\system32\vomhlm.exe"="C:\WINDOWS\system32\vomhlm.exe:*:Enabled:ENABLE"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-07-21 19:13:22 ----D---- C:\WindowsOffBackup
2010-07-21 19:04:21 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-07-21 19:04:19 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-21 19:03:50 ----D---- C:\Windows\PCHEALTH
2010-07-21 19:03:50 ----D---- C:\Program Files\Microsoft Sync Framework
2010-07-21 19:03:50 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-07-21 19:03:03 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-07-21 19:01:39 ----D---- C:\Program Files\Microsoft Analysis Services
2010-07-21 19:00:14 ----RHD---- C:\MSOCache
2010-07-21 02:40:50 ----D---- C:\Program Files\WinSnap
2010-07-21 02:19:29 ----D---- C:\Program Files\MiniCLIP
2010-07-17 17:05:33 ----D---- C:\Users\Honzik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-07-17 17:05:33 ----D---- C:\Users\Honzik\AppData\Roaming\Adobe Mini Bridge CS5
2010-07-17 16:23:09 ----D---- C:\Users\Honzik\AppData\Roaming\RealWorld
2010-07-14 12:48:09 ----D---- C:\ProgramData\PrettyMay
2010-07-14 12:48:09 ----A---- C:\Windows\struct~.ini
2010-07-13 16:54:42 ----D---- C:\ProgramData\Sticky Notes TB Hider
2010-07-13 16:54:42 ----D---- C:\Program Files\StickyNotes
2010-07-13 16:31:45 ----D---- C:\ProgramData\SITEguard
2010-07-13 16:30:41 ----D---- C:\ProgramData\STOPzilla!
2010-07-13 16:30:41 ----D---- C:\Program Files\Common Files\iS3
2010-07-11 21:59:44 ----D---- C:\Program Files\Get Styles
2010-07-11 16:50:51 ----D---- C:\ProgramData\PC Drivers HeadQuarters Inc
2010-07-11 16:48:02 ----D---- C:\Users\Honzik\AppData\Roaming\GetRightToGo
2010-07-10 14:19:48 ----D---- C:\AdobeTemp
2010-07-10 14:18:58 ----D---- C:\Users\Honzik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-07-10 14:17:24 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-07-09 22:16:28 ----D---- C:\Program Files\Counter-Strike Source
2010-07-08 15:18:43 ----D---- C:\ProgramData\ESET
2010-07-08 15:02:25 ----D---- C:\Program Files\ESET
2010-07-07 20:51:13 ----D---- C:\Program Files\TNod User & Password Finder
2010-07-07 19:35:05 ----D---- C:\Users\Honzik\AppData\Roaming\KompoZer
2010-07-07 19:15:31 ----D---- C:\Program Files\Mozilla Thunderbird
2010-07-07 16:05:09 ----D---- C:\Users\Honzik\AppData\Roaming\Thunderbird
2010-07-07 13:26:31 ----D---- C:\Program Files\Nitro PDF
2010-07-07 13:26:31 ----D---- C:\Program Files\Common Files\Nitro PDF
2010-07-07 01:26:04 ----D---- C:\Program Files\Evernote
2010-07-07 01:16:22 ----D---- C:\Program Files\ATnotes
2010-07-07 01:00:30 ----D---- C:\Users\Honzik\AppData\Roaming\.simpleplainnote
2010-07-06 22:17:56 ----D---- C:\Program Files\ICQ6Toolbar
2010-07-06 22:02:58 ----D---- C:\Program Files\ICQ7.2
2010-07-04 15:17:17 ----D---- C:\Program Files\Rising Research
2010-07-02 22:51:03 ----D---- C:\Users\Honzik\AppData\Roaming\acccore
2010-07-02 22:50:57 ----D---- C:\Program Files\Common Files\Software Update Utility
2010-07-02 22:50:56 ----D---- C:\Program Files\Common Files\AOL
2010-07-02 15:55:03 ----D---- C:\Update
2010-07-02 15:24:26 ----D---- C:\Program Files\MSECACHE
2010-07-02 10:24:09 ----D---- C:\Gaming Mouse
2010-06-29 16:06:41 ----D---- C:\Program Files\FastStone Capture
2010-06-29 15:08:13 ----D---- C:\Program Files\Steam
2010-06-27 23:08:35 ----D---- C:\Windows\system32\Wat
2010-06-24 22:12:54 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-24 22:12:54 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-24 22:12:54 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-24 22:12:54 ----A---- C:\Windows\system32\mscoree.dll
2010-06-24 22:12:54 ----A---- C:\Windows\system32\dfshim.dll
2010-06-24 11:09:14 ----A---- C:\Windows\system32\NLSSRV32.EXE
2010-06-24 09:07:04 ----A---- C:\Windows\system32\ntdll.dll
2010-06-24 09:07:01 ----A---- C:\Windows\system32\CPFilters.dll
2010-06-24 09:07:00 ----A---- C:\Windows\system32\msdri.dll

======List of files/folders modified in the last 1 months======

2010-07-22 17:15:16 ----D---- C:\Windows\Prefetch
2010-07-22 17:15:13 ----D---- C:\Program Files\trend micro
2010-07-22 17:15:09 ----D---- C:\Windows\Temp
2010-07-22 17:15:02 ----SHD---- C:\Windows\Installer
2010-07-22 17:15:01 ----SHD---- C:\Config.Msi
2010-07-22 17:14:49 ----D---- C:\ProgramData\Microsoft Help
2010-07-22 17:14:39 ----SHD---- C:\System Volume Information
2010-07-22 17:06:45 ----D---- C:\Windows\system32\config
2010-07-22 17:06:05 ----D---- C:\Users\Honzik\AppData\Roaming\Skype
2010-07-22 17:05:39 ----D---- C:\Users\Honzik\AppData\Roaming\ICQ
2010-07-22 17:05:34 ----AD---- C:\Windows
2010-07-22 17:05:30 ----D---- C:\Users\Honzik\AppData\Roaming\skypePM
2010-07-22 17:04:54 ----A---- C:\Windows\LogonStudio.ini
2010-07-21 21:31:42 ----D---- C:\Windows\system32\Tasks
2010-07-21 21:31:41 ----SD---- C:\Windows\Tasks
2010-07-21 21:06:52 ----D---- C:\Users\Honzik\AppData\Roaming\Nitro PDF
2010-07-21 21:06:26 ----SD---- C:\Users\Honzik\AppData\Roaming\Microsoft
2010-07-21 19:28:55 ----D---- C:\Windows\Microsoft.NET
2010-07-21 19:28:54 ----RSD---- C:\Windows\assembly
2010-07-21 19:05:14 ----D---- C:\Windows\System32
2010-07-21 19:05:05 ----RSD---- C:\Windows\Fonts
2010-07-21 19:04:55 ----D---- C:\Windows\ShellNew
2010-07-21 19:04:54 ----D---- C:\Program Files\Common Files\microsoft shared
2010-07-21 19:04:46 ----D---- C:\Program Files\MSBuild
2010-07-21 19:04:21 ----RD---- C:\Program Files
2010-07-21 19:04:19 ----D---- C:\Program Files\Common Files
2010-07-21 19:03:51 ----RD---- C:\Program Files\Microsoft Office
2010-07-21 19:03:50 ----SD---- C:\ProgramData\Microsoft
2010-07-21 19:03:50 ----D---- C:\Program Files\Microsoft.NET
2010-07-21 19:02:38 ----A---- C:\Windows\win.ini
2010-07-21 19:02:37 ----D---- C:\Program Files\Common Files\System
2010-07-21 13:39:53 ----D---- C:\Program Files\Mozilla Firefox
2010-07-21 03:02:53 ----D---- C:\Program Files\Fraps
2010-07-18 17:20:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-18 17:19:42 ----RD---- C:\Program Files\Electronic Arts
2010-07-18 17:19:41 ----D---- C:\ProgramData\Electronic Arts
2010-07-18 17:18:11 ----D---- C:\Program Files\Horizons2
2010-07-18 17:13:39 ----RD---- C:\Program Files\Activision
2010-07-18 14:09:56 ----HD---- C:\ProgramData
2010-07-17 16:19:32 ----D---- C:\Users\Honzik\AppData\Roaming\XnView
2010-07-15 11:42:01 ----D---- C:\Windows\debug
2010-07-14 11:45:52 ----D---- C:\Windows\system32\drivers
2010-07-11 16:07:46 ----D---- C:\Users\Honzik\AppData\Roaming\FlashGetBHO
2010-07-11 16:07:39 ----RD---- C:\Program Files\FlashGet
2010-07-11 15:34:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-11 15:34:11 ----D---- C:\Windows\inf
2010-07-11 15:32:47 ----D---- C:\Windows\system32\en-US
2010-07-11 15:30:37 ----D---- C:\Windows\SoftwareDistribution
2010-07-11 14:19:18 ----D---- C:\Users\Honzik\AppData\Roaming\Adobe
2010-07-11 14:18:48 ----RD---- C:\Program Files\Adobe
2010-07-11 14:16:14 ----D---- C:\ProgramData\Adobe
2010-07-11 14:10:54 ----D---- C:\Users\Honzik\AppData\Roaming\BITS
2010-07-11 14:06:18 ----D---- C:\Windows\system32\catroot2
2010-07-10 17:10:44 ----D---- C:\Program Files\Common Files\Adobe
2010-07-10 17:10:25 ----RD---- C:\Program Files\CCleaner
2010-07-10 14:25:16 ----RD---- C:\Program Files\Adobe Media Player
2010-07-10 14:20:14 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-07-10 14:10:38 ----D---- C:\Windows\winsxs
2010-07-08 15:19:14 ----D---- C:\Users\Honzik\AppData\Roaming\ESET
2010-07-08 15:12:26 ----D---- C:\Windows\system32\LogFiles
2010-07-08 14:17:41 ----D---- C:\Windows\system32\catroot
2010-07-08 14:17:39 ----D---- C:\Windows\system32\DriverStore
2010-07-07 15:58:30 ----D---- C:\Program Files\XnView
2010-07-07 15:55:26 ----D---- C:\Users\Honzik\AppData\Roaming\FastStone
2010-07-07 15:52:29 ----D---- C:\Program Files\IrfanView
2010-07-07 13:25:12 ----D---- C:\Users\Honzik\AppData\Roaming\Downloaded Installations
2010-07-06 22:17:48 ----D---- C:\ProgramData\ICQ
2010-07-06 21:58:38 ----D---- C:\Program Files\Miranda IM
2010-07-05 12:54:25 ----D---- C:\Program Files\Unlocker
2010-07-05 12:54:25 ----D---- C:\Program Files\DivX
2010-07-04 18:08:52 ----D---- C:\Program Files\The KMPlayer
2010-07-04 15:54:43 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-07-04 15:53:50 ----D---- C:\Users\Honzik\AppData\Roaming\BSplayer
2010-07-04 15:52:39 ----D---- C:\Program Files\All Ten Fingers
2010-07-04 15:52:24 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-07-04 15:52:15 ----D---- C:\Program Files\TeamViewer
2010-07-04 15:49:15 ----D---- C:\Program Files\LogMeIn Hamachi
2010-07-04 11:16:45 ----N---- C:\Windows\SchedLgU.Txt
2010-07-02 21:39:05 ----A---- C:\Windows\system32\MRT.exe
2010-06-29 15:08:13 ----D---- C:\Program Files\Common Files\Steam
2010-06-28 14:42:36 ----D---- C:\Windows\system32\NDF
2010-06-24 22:12:46 ----D---- C:\Windows\ehome
2010-06-24 22:12:32 ----D---- C:\Windows\AppPatch
2010-06-24 11:06:54 ----A---- C:\Windows\system32\nitrolocalui.dll
2010-06-24 11:06:52 ----A---- C:\Windows\system32\nitrolocalmon.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-18 83296]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-05-01 43528]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-15 691696]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2009-10-28 368736]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-07 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-07 41312]
R2 ncryptpro;ncryptpro; \??\C:\WINDOWS\system32\Drivers\ncryptpro.sys [2009-08-11 186720]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\Windows\system32\DRIVERS\thdudf.sys [2006-11-11 66944]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-07 32584]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2009-04-21 1147392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 afmsdvad;afmsdvad; C:\Windows\system32\drivers\afmsdvad.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 cpuz132;cpuz132; \??\C:\Users\Honzik\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []
S3 DSGACommsDriver;DSGACommsDriver; \??\C:\WINDOWS\system32\drivers\DSGACommsDriver.sys [2009-09-30 19168]
S3 DSGAFilterDriver;DSGAFilterDriver; \??\C:\WINDOWS\system32\drivers\DSGAFilterDriver.sys [2009-09-30 17632]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys [2008-09-17 27672]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [2006-08-28 13312]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-10-03 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 17408]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-11-11 23600]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-15 86016]
R2 astcc;AST Service; C:\WINDOWS\system32\ASTSRV.EXE [2009-09-15 61760]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-09 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [2010-06-24 196928]
R2 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2010-06-24 65856]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-20 66872]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9ba1b510f0c16;Služba Google Update (gupdate1c9ba1b510f0c16); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-10 133104]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-11-26 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-11-26 79360]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2010-03-31 79360]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-07 33560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-18 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-27 1343400]

-----------------EOF-----------------

Re: Check

Posted: 23 Jul 2010 00:33
by vyosek
Hello, and I wish you a good morning :)
Given that you are using illegal software, I am not surprised that you are a visitor to our forum :?:
According to the forum rules (see here and here, point 3), however, we do not deal with illegal software, since illegal programs are usually a source of malware. Moreover, you are also violating copyright by doing so.
Therefore, get legal protection for your PC (antivirus + firewall), then post a new log from RSIT and CKScanner here - see below.

Personally, I recommend the combination Avast + ZoneAlarm. You can find an overview of antivirus programs HERE and of firewalls HERE.

:arrow: Log from RSIT - see my signature
:arrow: Download CKScanner to your desktop
  • Run it and click Search for files
  • When the scan finishes, click Save List to File and then OK
  • A log named ckfiles.txt will be created on your desktop; paste its contents here for me

Re: Check

Posted: 23 Jul 2010 00:34
by vyosek
Perhaps it is also thanks to that illegal NOD that you have sshnas21.dll there, which is a Trojan horse :?: But there is a further collection of malware there too, not just sshnas21.dll :roll:

Re: Check

Posted: 23 Jul 2010 00:50
by Zizou
So I removed ESET Smart Security and I am posting a new log from RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Honzik at 2010-07-23 01:46:35
Microsoft Windows 7 Ultimate
System drive C: has 226 GB (37%) free of 610 GB
Total RAM: 3062 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:46:38, on 23.7.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Fraps\fraps.exe
C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Gaming Mouse\Gaming 3.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\MiniCLIP\mclip.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\FastStone Capture\FSCapture.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Honzik\Desktop\RSIT.exe
C:\Program Files\trend micro\Honzik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/skins7/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Gaming 3] "C:\Gaming Mouse\Gaming 3.exe" /hide
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Honzik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: FastStone Capture.lnk = C:\Program Files\FastStone Capture\FSCapture.exe
O4 - Startup: Obsah aplikace OneNote.onetoc2
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: MiniCLIP.lnk = C:\Program Files\MiniCLIP\mclip.exe
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Add to &Evernote - res://C:\Program Files\Evernote\Evernote3.5\enbar.dll/2000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - (no file)
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - (no file)
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0375510637
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9489266859
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9ba1b510f0c16) (gupdate1c9ba1b510f0c16) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 12528 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-350281380-233495102-1455855570-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-350281380-233495102-1455855570-1004UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1532298954-1417001333-1004.job
C:\Windows\tasks\NeroLiveEpgUpdate-ZIZOU_Honzik.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2008-11-18 36864]
"LogonStudio"=C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe [2002-09-03 987187]
"Six Engine"=C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13 5974528]
"TurboV"=C:\Program Files\ASUS\TurboV\TurboV.exe [2008-10-21 4040192]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"VolPanel"=C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe [2008-08-27 233588]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"Gaming 3"=C:\Gaming Mouse\Gaming 3.exe [2009-11-09 1216512]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2010-06-23 1699128]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2009-07-14 144384]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2010-04-29 248832]
"Google Update"=C:\Users\Honzik\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-17 133104]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"fsm"= []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Steam"=c:\program files\steam\steam.exe [2010-07-05 1238352]
"AdobeBridge"= []
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-07-06 133368]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MiniCLIP.lnk - C:\Program Files\MiniCLIP\mclip.exe

C:\Users\Honzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FastStone Capture.lnk - C:\Program Files\FastStone Capture\FSCapture.exe
Obsah aplikace OneNote.onetoc2
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll [2009-10-02 128360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticecaption"=
"legalnoticetext"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Users\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Users\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Activision\Prototype\prototypef.exe"="C:\Program Files\Activision\Prototype\prototypef.exe:*:Enabled:Prototype(TM)"
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM) "
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM) "
"C:\Program Files\Codemasters\FUEL\FUEL.exe"="C:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe"="C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe"="C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\FlashGet\FlashGet.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe"="C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\WINDOWS\system32\vomhlm.exe"="C:\WINDOWS\system32\vomhlm.exe:*:Enabled:ENABLE"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-07-21 19:13:22 ----D---- C:\WindowsOffBackup
2010-07-21 19:04:21 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-07-21 19:04:19 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-21 19:03:50 ----D---- C:\Windows\PCHEALTH
2010-07-21 19:03:50 ----D---- C:\Program Files\Microsoft Sync Framework
2010-07-21 19:03:50 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-07-21 19:03:03 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-07-21 19:01:39 ----D---- C:\Program Files\Microsoft Analysis Services
2010-07-21 19:00:14 ----RHD---- C:\MSOCache
2010-07-21 02:40:50 ----D---- C:\Program Files\WinSnap
2010-07-21 02:19:29 ----D---- C:\Program Files\MiniCLIP
2010-07-17 17:05:33 ----D---- C:\Users\Honzik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-07-17 17:05:33 ----D---- C:\Users\Honzik\AppData\Roaming\Adobe Mini Bridge CS5
2010-07-17 16:23:09 ----D---- C:\Users\Honzik\AppData\Roaming\RealWorld
2010-07-14 12:48:09 ----D---- C:\ProgramData\PrettyMay
2010-07-14 12:48:09 ----A---- C:\Windows\struct~.ini
2010-07-13 16:54:42 ----D---- C:\ProgramData\Sticky Notes TB Hider
2010-07-13 16:54:42 ----D---- C:\Program Files\StickyNotes
2010-07-13 16:31:45 ----D---- C:\ProgramData\SITEguard
2010-07-13 16:30:41 ----D---- C:\ProgramData\STOPzilla!
2010-07-13 16:30:41 ----D---- C:\Program Files\Common Files\iS3
2010-07-11 21:59:44 ----D---- C:\Program Files\Get Styles
2010-07-11 16:50:51 ----D---- C:\ProgramData\PC Drivers HeadQuarters Inc
2010-07-11 16:48:02 ----D---- C:\Users\Honzik\AppData\Roaming\GetRightToGo
2010-07-10 14:19:48 ----D---- C:\AdobeTemp
2010-07-10 14:18:58 ----D---- C:\Users\Honzik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-07-10 14:17:24 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-07-09 22:16:28 ----D---- C:\Program Files\Counter-Strike Source
2010-07-08 15:02:25 ----D---- C:\Program Files\ESET
2010-07-07 19:35:05 ----D---- C:\Users\Honzik\AppData\Roaming\KompoZer
2010-07-07 19:15:31 ----D---- C:\Program Files\Mozilla Thunderbird
2010-07-07 16:05:09 ----D---- C:\Users\Honzik\AppData\Roaming\Thunderbird
2010-07-07 13:26:31 ----D---- C:\Program Files\Nitro PDF
2010-07-07 13:26:31 ----D---- C:\Program Files\Common Files\Nitro PDF
2010-07-07 01:26:04 ----D---- C:\Program Files\Evernote
2010-07-07 01:16:22 ----D---- C:\Program Files\ATnotes
2010-07-07 01:00:30 ----D---- C:\Users\Honzik\AppData\Roaming\.simpleplainnote
2010-07-06 22:17:56 ----D---- C:\Program Files\ICQ6Toolbar
2010-07-06 22:02:58 ----D---- C:\Program Files\ICQ7.2
2010-07-04 15:17:17 ----D---- C:\Program Files\Rising Research
2010-07-02 22:51:03 ----D---- C:\Users\Honzik\AppData\Roaming\acccore
2010-07-02 22:50:57 ----D---- C:\Program Files\Common Files\Software Update Utility
2010-07-02 22:50:56 ----D---- C:\Program Files\Common Files\AOL
2010-07-02 15:55:03 ----D---- C:\Update
2010-07-02 15:24:26 ----D---- C:\Program Files\MSECACHE
2010-07-02 10:24:09 ----D---- C:\Gaming Mouse
2010-06-29 16:06:41 ----D---- C:\Program Files\FastStone Capture
2010-06-29 15:08:13 ----D---- C:\Program Files\Steam
2010-06-27 23:08:35 ----D---- C:\Windows\system32\Wat
2010-06-24 22:12:54 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-24 22:12:54 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-24 22:12:54 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-24 22:12:54 ----A---- C:\Windows\system32\mscoree.dll
2010-06-24 22:12:54 ----A---- C:\Windows\system32\dfshim.dll
2010-06-24 11:09:14 ----A---- C:\Windows\system32\NLSSRV32.EXE
2010-06-24 09:07:04 ----A---- C:\Windows\system32\ntdll.dll
2010-06-24 09:07:01 ----A---- C:\Windows\system32\CPFilters.dll
2010-06-24 09:07:00 ----A---- C:\Windows\system32\msdri.dll

======List of files/folders modified in the last 1 months======

2010-07-23 01:46:36 ----D---- C:\Windows\Temp
2010-07-23 01:46:36 ----D---- C:\Program Files\trend micro
2010-07-23 01:45:39 ----AD---- C:\Windows
2010-07-23 01:44:53 ----D---- C:\Windows\Prefetch
2010-07-23 01:44:51 ----RD---- C:\Program Files
2010-07-23 01:44:36 ----D---- C:\Users\Honzik\AppData\Roaming\Skype
2010-07-23 01:44:06 ----D---- C:\Users\Honzik\AppData\Roaming\ICQ
2010-07-23 01:44:04 ----D---- C:\Users\Honzik\AppData\Roaming\skypePM
2010-07-23 01:43:44 ----A---- C:\Windows\LogonStudio.ini
2010-07-23 01:42:24 ----D---- C:\Windows\system32\config
2010-07-23 01:40:49 ----SHD---- C:\Windows\Installer
2010-07-23 01:40:44 ----SHD---- C:\Config.Msi
2010-07-23 01:40:44 ----HD---- C:\ProgramData
2010-07-23 01:40:38 ----D---- C:\Windows\system32\drivers
2010-07-23 01:40:37 ----D---- C:\Windows\system32\DriverStore
2010-07-23 01:40:37 ----D---- C:\Windows\system32\catroot
2010-07-23 01:40:36 ----D---- C:\Windows\inf
2010-07-23 01:40:16 ----SHD---- C:\System Volume Information
2010-07-22 18:07:26 ----D---- C:\Windows\system32\catroot2
2010-07-22 17:49:36 ----D---- C:\Users\Honzik\AppData\Roaming\Nitro PDF
2010-07-22 17:14:59 ----D---- C:\ProgramData\Microsoft Help
2010-07-21 21:31:42 ----D---- C:\Windows\system32\Tasks
2010-07-21 21:31:41 ----SD---- C:\Windows\Tasks
2010-07-21 21:06:26 ----SD---- C:\Users\Honzik\AppData\Roaming\Microsoft
2010-07-21 19:28:55 ----D---- C:\Windows\Microsoft.NET
2010-07-21 19:28:54 ----RSD---- C:\Windows\assembly
2010-07-21 19:05:14 ----D---- C:\Windows\System32
2010-07-21 19:05:05 ----RSD---- C:\Windows\Fonts
2010-07-21 19:04:55 ----D---- C:\Windows\ShellNew
2010-07-21 19:04:54 ----D---- C:\Program Files\Common Files\microsoft shared
2010-07-21 19:04:46 ----D---- C:\Program Files\MSBuild
2010-07-21 19:04:19 ----D---- C:\Program Files\Common Files
2010-07-21 19:03:51 ----RD---- C:\Program Files\Microsoft Office
2010-07-21 19:03:50 ----SD---- C:\ProgramData\Microsoft
2010-07-21 19:03:50 ----D---- C:\Program Files\Microsoft.NET
2010-07-21 19:02:38 ----A---- C:\Windows\win.ini
2010-07-21 19:02:37 ----D---- C:\Program Files\Common Files\System
2010-07-21 13:39:53 ----D---- C:\Program Files\Mozilla Firefox
2010-07-21 03:02:53 ----D---- C:\Program Files\Fraps
2010-07-18 17:20:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-18 17:19:42 ----RD---- C:\Program Files\Electronic Arts
2010-07-18 17:19:41 ----D---- C:\ProgramData\Electronic Arts
2010-07-18 17:18:11 ----D---- C:\Program Files\Horizons2
2010-07-18 17:13:39 ----RD---- C:\Program Files\Activision
2010-07-17 16:19:32 ----D---- C:\Users\Honzik\AppData\Roaming\XnView
2010-07-15 11:42:01 ----D---- C:\Windows\debug
2010-07-11 16:07:46 ----D---- C:\Users\Honzik\AppData\Roaming\FlashGetBHO
2010-07-11 16:07:39 ----RD---- C:\Program Files\FlashGet
2010-07-11 15:34:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-11 15:32:47 ----D---- C:\Windows\system32\en-US
2010-07-11 15:30:37 ----D---- C:\Windows\SoftwareDistribution
2010-07-11 14:19:18 ----D---- C:\Users\Honzik\AppData\Roaming\Adobe
2010-07-11 14:18:48 ----RD---- C:\Program Files\Adobe
2010-07-11 14:16:14 ----D---- C:\ProgramData\Adobe
2010-07-11 14:10:54 ----D---- C:\Users\Honzik\AppData\Roaming\BITS
2010-07-10 17:10:44 ----D---- C:\Program Files\Common Files\Adobe
2010-07-10 17:10:25 ----RD---- C:\Program Files\CCleaner
2010-07-10 14:25:16 ----RD---- C:\Program Files\Adobe Media Player
2010-07-10 14:20:14 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-07-10 14:10:38 ----D---- C:\Windows\winsxs
2010-07-08 15:19:14 ----D---- C:\Users\Honzik\AppData\Roaming\ESET
2010-07-08 15:12:26 ----D---- C:\Windows\system32\LogFiles
2010-07-07 15:58:30 ----D---- C:\Program Files\XnView
2010-07-07 15:55:26 ----D---- C:\Users\Honzik\AppData\Roaming\FastStone
2010-07-07 15:52:29 ----D---- C:\Program Files\IrfanView
2010-07-07 13:25:12 ----D---- C:\Users\Honzik\AppData\Roaming\Downloaded Installations
2010-07-06 22:17:48 ----D---- C:\ProgramData\ICQ
2010-07-06 21:58:38 ----D---- C:\Program Files\Miranda IM
2010-07-05 12:54:25 ----D---- C:\Program Files\Unlocker
2010-07-05 12:54:25 ----D---- C:\Program Files\DivX
2010-07-04 18:08:52 ----D---- C:\Program Files\The KMPlayer
2010-07-04 15:54:43 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-07-04 15:53:50 ----D---- C:\Users\Honzik\AppData\Roaming\BSplayer
2010-07-04 15:52:39 ----D---- C:\Program Files\All Ten Fingers
2010-07-04 15:52:24 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-07-04 15:52:15 ----D---- C:\Program Files\TeamViewer
2010-07-04 15:49:15 ----D---- C:\Program Files\LogMeIn Hamachi
2010-07-04 11:16:45 ----N---- C:\Windows\SchedLgU.Txt
2010-07-02 21:39:05 ----A---- C:\Windows\system32\MRT.exe
2010-06-29 15:08:13 ----D---- C:\Program Files\Common Files\Steam
2010-06-28 14:42:36 ----D---- C:\Windows\system32\NDF
2010-06-24 22:12:46 ----D---- C:\Windows\ehome
2010-06-24 22:12:32 ----D---- C:\Windows\AppPatch
2010-06-24 11:06:54 ----A---- C:\Windows\system32\nitrolocalui.dll
2010-06-24 11:06:52 ----A---- C:\Windows\system32\nitrolocalmon.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-18 83296]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-05-01 43528]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-15 691696]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2009-10-28 368736]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 ncryptpro;ncryptpro; \??\C:\WINDOWS\system32\Drivers\ncryptpro.sys [2009-08-11 186720]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\Windows\system32\DRIVERS\thdudf.sys [2006-11-11 66944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2009-04-21 1147392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 akn17fas;akn17fas; C:\Windows\system32\drivers\akn17fas.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 cpuz132;cpuz132; \??\C:\Users\Honzik\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []
S3 DSGACommsDriver;DSGACommsDriver; \??\C:\WINDOWS\system32\drivers\DSGACommsDriver.sys [2009-09-30 19168]
S3 DSGAFilterDriver;DSGAFilterDriver; \??\C:\WINDOWS\system32\drivers\DSGAFilterDriver.sys [2009-09-30 17632]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys [2008-09-17 27672]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [2006-08-28 13312]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-10-03 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 17408]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-11-11 23600]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-15 86016]
R2 astcc;AST Service; C:\WINDOWS\system32\ASTSRV.EXE [2009-09-15 61760]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-09 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [2010-06-24 196928]
R2 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2010-06-24 65856]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-20 66872]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9ba1b510f0c16;Služba Google Update (gupdate1c9ba1b510f0c16); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-10 133104]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-11-26 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-11-26 79360]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2010-03-31 79360]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-18 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-27 1343400]

-----------------EOF-----------------

And the log from CKScanner


CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\adobe\adobe photoshop cs4\adobe.photoshop.cs4.extended-crack.exe
c:\program files\counter-strike source\cstrike\materials\concrete\prodwllecracked.vmt
c:\program files\counter-strike source\cstrike\materials\concrete\prodwllecracked.vtf
c:\program files\counter-strike source\hl2\materials\glass\glasswindow018a_cracked.vmt
c:\program files\counter-strike source\hl2\materials\glass\glasswindow018a_cracked.vtf
c:\users\honzik\documents\adobe photoshop cs5 extended windows ls6 (cz_hu_pl_ro_ru_tr_ua)\adobe photoshop cs5 extended 12.0 only keymaker-embrace\keygen.exe
c:\users\honzik\documents\bs.player.pro.v2.53.1034.multilingual.incl.keymaker-core\keygen.exe
c:\users\honzik\documents\faststone keymaker\keygen.exe
c:\users\honzik\documents\james camerons avatar the game-reloaded\james camerons avatar the game-reloaded - crack + keygen\avatar_1.01_americas_europe.exe
c:\users\honzik\documents\nitro.pdf.professional.v6.0.1.8.incl.keymaker-embrace\keygen.exe
c:\users\honzik\documents\photoshop\adobe photoshop cs4 v 11cz\adobe.photoshop.cs4.extended.v11.0.fixed-teamt3\adobe.photoshop.cs4.extended-crack.exe
scanner sequence 3.EF.11
----- EOF -----

Re: Check

Posted: 23 Jul 2010 00:58
by vyosek
Read the advice and instructions carefully :!:
vyosek wrote: So get legal protection for your PC (antivirus + firewall), then post a new log from RSIT and CKScanner here - see below.

Personally I recommend the Avast + ZoneAlarm combination. You can find an overview of antivirus programs HERE and of firewalls HERE.
I won't repair a PC without basic protection, because the repair would be for nothing - the PC would be infected again right away - or did you intend to remove NOD for the repair and then quickly put it right back :?:

vyosek wrote: :arrow: Download CKScanner to your desktop
  • Run it and click Search for files
  • When the scan finishes, click Save List to File and then OK
  • A log named ckfiles.txt will be created on your desktop; paste its contents here
That log also seems to be missing :?:

:arrow: So:
  • Install basic PC protection - antivirus + firewall
  • A new log from RSIT
  • The log from CKScanner

Re: Check

Posted: 23 Jul 2010 01:01
by vyosek
I'm done for tonight; I hope everything needed will be here in the morning and we can finally get started on the repair :wink:

Re: Check

Posted: 23 Jul 2010 01:15
by Zizou
So I have installed Avast + ZoneAlarm, as you recommended.

Log from RSIT

Logfile of random's system information tool 1.08 (written by random/random)
Run by Honzik at 2010-07-23 02:12:03
Microsoft Windows 7 Ultimate
System drive C: has 225 GB (37%) free of 610 GB
Total RAM: 3062 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:12:21, on 23.7.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Fraps\fraps.exe
C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Gaming Mouse\Gaming 3.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\MiniCLIP\mclip.exe
C:\Program Files\FastStone Capture\FSCapture.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Honzik\Desktop\RSIT.exe
C:\Program Files\trend micro\Honzik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/skins7/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O1 - Hosts: ::1 localhost
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Gaming 3] "C:\Gaming Mouse\Gaming 3.exe" /hide
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Honzik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: FastStone Capture.lnk = C:\Program Files\FastStone Capture\FSCapture.exe
O4 - Startup: Obsah aplikace OneNote.onetoc2
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: MiniCLIP.lnk = C:\Program Files\MiniCLIP\mclip.exe
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Add to &Evernote - res://C:\Program Files\Evernote\Evernote3.5\enbar.dll/2000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - (no file)
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - (no file)
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0375510637
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9489266859
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9ba1b510f0c16) (gupdate1c9ba1b510f0c16) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 14253 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-350281380-233495102-1455855570-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-350281380-233495102-1455855570-1004UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1532298954-1417001333-1004.job
C:\Windows\tasks\NeroLiveEpgUpdate-ZIZOU_Honzik.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2008-11-18 36864]
"LogonStudio"=C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe [2002-09-03 987187]
"Six Engine"=C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13 5974528]
"TurboV"=C:\Program Files\ASUS\TurboV\TurboV.exe [2008-10-21 4040192]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"VolPanel"=C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe [2008-08-27 233588]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"Gaming 3"=C:\Gaming Mouse\Gaming 3.exe [2009-11-09 1216512]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-05-26 730600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2010-06-23 1699128]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2009-07-14 144384]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2010-04-29 248832]
"Google Update"=C:\Users\Honzik\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-17 133104]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"fsm"= []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Steam"=c:\program files\steam\steam.exe [2010-07-05 1238352]
"AdobeBridge"= []
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-07-06 133368]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MiniCLIP.lnk - C:\Program Files\MiniCLIP\mclip.exe

C:\Users\Honzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FastStone Capture.lnk - C:\Program Files\FastStone Capture\FSCapture.exe
Obsah aplikace OneNote.onetoc2
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll [2009-10-02 128360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticecaption"=
"legalnoticetext"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Users\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Users\Honzik\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Activision\Prototype\prototypef.exe"="C:\Program Files\Activision\Prototype\prototypef.exe:*:Enabled:Prototype(TM)"
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM) "
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM) "
"C:\Program Files\Codemasters\FUEL\FUEL.exe"="C:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe"="C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe"="C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\FlashGet\FlashGet.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe"="C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\WINDOWS\system32\vomhlm.exe"="C:\WINDOWS\system32\vomhlm.exe:*:Enabled:ENABLE"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-07-23 02:05:55 ----D---- C:\Users\Honzik\AppData\Roaming\CheckPoint
2010-07-23 02:05:39 ----D---- C:\Program Files\ZoneAlarm
2010-07-23 02:05:29 ----D---- C:\Program Files\CheckPoint
2010-07-23 02:05:25 ----A---- C:\Windows\system32\vsregexp.dll
2010-07-23 02:05:12 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-07-23 02:05:12 ----A---- C:\Windows\system32\drivers\netio.sys
2010-07-23 02:04:59 ----A---- C:\Windows\system32\zlcommdb.dll
2010-07-23 02:04:59 ----A---- C:\Windows\system32\zlcomm.dll
2010-07-23 02:04:54 ----A---- C:\Windows\system32\vswmi.dll
2010-07-23 02:04:51 ----A---- C:\Windows\system32\zpeng25.dll
2010-07-23 02:04:51 ----A---- C:\Windows\system32\vsxml.dll
2010-07-23 02:04:51 ----A---- C:\Windows\system32\vspubapi.dll
2010-07-23 02:04:50 ----A---- C:\Windows\system32\vsmonapi.dll
2010-07-23 02:04:50 ----A---- C:\Windows\system32\vsdata.dll
2010-07-23 02:04:45 ----D---- C:\Windows\system32\ZoneLabs
2010-07-23 02:04:45 ----D---- C:\Program Files\Zone Labs
2010-07-23 02:04:45 ----A---- C:\Windows\system32\drivers\vsdatant.sys
2010-07-23 02:04:23 ----D---- C:\Windows\Internet Logs
2010-07-23 02:04:23 ----D---- C:\ProgramData\CheckPoint
2010-07-23 02:04:23 ----A---- C:\Windows\system32\vsutil.dll
2010-07-23 02:04:23 ----A---- C:\Windows\system32\vsinit.dll
2010-07-23 02:04:04 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-07-23 02:04:03 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-07-23 02:04:01 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-07-23 02:03:59 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-07-23 02:03:51 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-07-23 02:03:41 ----A---- C:\Windows\system32\aswBoot.exe
2010-07-23 02:03:39 ----D---- C:\ProgramData\Alwil Software
2010-07-23 02:03:39 ----D---- C:\Program Files\Alwil Software
2010-07-21 19:13:22 ----D---- C:\WindowsOffBackup
2010-07-21 19:04:21 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-07-21 19:04:19 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-21 19:03:50 ----D---- C:\Windows\PCHEALTH
2010-07-21 19:03:50 ----D---- C:\Program Files\Microsoft Sync Framework
2010-07-21 19:03:50 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-07-21 19:03:03 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-07-21 19:01:39 ----D---- C:\Program Files\Microsoft Analysis Services
2010-07-21 19:00:14 ----RHD---- C:\MSOCache
2010-07-21 02:40:50 ----D---- C:\Program Files\WinSnap
2010-07-21 02:19:29 ----D---- C:\Program Files\MiniCLIP
2010-07-17 17:05:33 ----D---- C:\Users\Honzik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-07-17 17:05:33 ----D---- C:\Users\Honzik\AppData\Roaming\Adobe Mini Bridge CS5
2010-07-17 16:23:09 ----D---- C:\Users\Honzik\AppData\Roaming\RealWorld
2010-07-14 12:48:09 ----D---- C:\ProgramData\PrettyMay
2010-07-14 12:48:09 ----A---- C:\Windows\struct~.ini
2010-07-13 16:54:42 ----D---- C:\ProgramData\Sticky Notes TB Hider
2010-07-13 16:54:42 ----D---- C:\Program Files\StickyNotes
2010-07-13 16:31:45 ----D---- C:\ProgramData\SITEguard
2010-07-13 16:30:41 ----D---- C:\ProgramData\STOPzilla!
2010-07-13 16:30:41 ----D---- C:\Program Files\Common Files\iS3
2010-07-11 21:59:44 ----D---- C:\Program Files\Get Styles
2010-07-11 16:50:51 ----D---- C:\ProgramData\PC Drivers HeadQuarters Inc
2010-07-11 16:48:02 ----D---- C:\Users\Honzik\AppData\Roaming\GetRightToGo
2010-07-10 14:19:48 ----D---- C:\AdobeTemp
2010-07-10 14:18:58 ----D---- C:\Users\Honzik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-07-10 14:17:24 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-07-09 22:16:28 ----D---- C:\Program Files\Counter-Strike Source
2010-07-08 15:02:25 ----D---- C:\Program Files\ESET
2010-07-07 19:35:05 ----D---- C:\Users\Honzik\AppData\Roaming\KompoZer
2010-07-07 19:15:31 ----D---- C:\Program Files\Mozilla Thunderbird
2010-07-07 16:05:09 ----D---- C:\Users\Honzik\AppData\Roaming\Thunderbird
2010-07-07 13:26:31 ----D---- C:\Program Files\Nitro PDF
2010-07-07 13:26:31 ----D---- C:\Program Files\Common Files\Nitro PDF
2010-07-07 01:26:04 ----D---- C:\Program Files\Evernote
2010-07-07 01:16:22 ----D---- C:\Program Files\ATnotes
2010-07-07 01:00:30 ----D---- C:\Users\Honzik\AppData\Roaming\.simpleplainnote
2010-07-06 22:17:56 ----D---- C:\Program Files\ICQ6Toolbar
2010-07-06 22:02:58 ----D---- C:\Program Files\ICQ7.2
2010-07-04 15:17:17 ----D---- C:\Program Files\Rising Research
2010-07-02 22:51:03 ----D---- C:\Users\Honzik\AppData\Roaming\acccore
2010-07-02 22:50:57 ----D---- C:\Program Files\Common Files\Software Update Utility
2010-07-02 22:50:56 ----D---- C:\Program Files\Common Files\AOL
2010-07-02 15:55:03 ----D---- C:\Update
2010-07-02 15:24:26 ----D---- C:\Program Files\MSECACHE
2010-07-02 10:24:09 ----D---- C:\Gaming Mouse
2010-06-29 16:06:41 ----D---- C:\Program Files\FastStone Capture
2010-06-29 15:08:13 ----D---- C:\Program Files\Steam
2010-06-27 23:08:35 ----D---- C:\Windows\system32\Wat
2010-06-24 22:12:54 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-24 22:12:54 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-24 22:12:54 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-24 22:12:54 ----A---- C:\Windows\system32\mscoree.dll
2010-06-24 22:12:54 ----A---- C:\Windows\system32\dfshim.dll
2010-06-24 11:09:14 ----A---- C:\Windows\system32\NLSSRV32.EXE
2010-06-24 09:07:04 ----A---- C:\Windows\system32\ntdll.dll
2010-06-24 09:07:01 ----A---- C:\Windows\system32\CPFilters.dll
2010-06-24 09:07:00 ----A---- C:\Windows\system32\msdri.dll

======List of files/folders modified in the last 1 months======

2010-07-23 02:12:19 ----D---- C:\Program Files\trend micro
2010-07-23 02:12:18 ----D---- C:\Windows\Temp
2010-07-23 02:10:39 ----AD---- C:\Windows
2010-07-23 02:09:59 ----D---- C:\Users\Honzik\AppData\Roaming\ICQ
2010-07-23 02:09:43 ----D---- C:\Users\Honzik\AppData\Roaming\Skype
2010-07-23 02:08:47 ----A---- C:\Windows\LogonStudio.ini
2010-07-23 02:08:36 ----D---- C:\Windows\winsxs
2010-07-23 02:08:19 ----D---- C:\Windows\system32\config
2010-07-23 02:07:13 ----D---- C:\Windows\system32\drivers
2010-07-23 02:05:39 ----RD---- C:\Program Files
2010-07-23 02:05:39 ----D---- C:\Windows\System32
2010-07-23 02:05:17 ----D---- C:\Windows\system32\catroot
2010-07-23 02:04:49 ----D---- C:\Windows\inf
2010-07-23 02:04:47 ----D---- C:\Windows\system32\DriverStore
2010-07-23 02:04:31 ----D---- C:\Windows\Prefetch
2010-07-23 02:04:23 ----HD---- C:\ProgramData
2010-07-23 02:03:50 ----SHD---- C:\Windows\Installer
2010-07-23 02:03:50 ----SHD---- C:\Config.Msi
2010-07-23 02:03:36 ----SHD---- C:\System Volume Information
2010-07-23 01:44:04 ----D---- C:\Users\Honzik\AppData\Roaming\skypePM
2010-07-22 18:07:26 ----D---- C:\Windows\system32\catroot2
2010-07-22 17:49:36 ----D---- C:\Users\Honzik\AppData\Roaming\Nitro PDF
2010-07-22 17:14:59 ----D---- C:\ProgramData\Microsoft Help
2010-07-21 21:31:42 ----D---- C:\Windows\system32\Tasks
2010-07-21 21:31:41 ----SD---- C:\Windows\Tasks
2010-07-21 21:06:26 ----SD---- C:\Users\Honzik\AppData\Roaming\Microsoft
2010-07-21 19:28:55 ----D---- C:\Windows\Microsoft.NET
2010-07-21 19:28:54 ----RSD---- C:\Windows\assembly
2010-07-21 19:05:05 ----RSD---- C:\Windows\Fonts
2010-07-21 19:04:55 ----D---- C:\Windows\ShellNew
2010-07-21 19:04:54 ----D---- C:\Program Files\Common Files\microsoft shared
2010-07-21 19:04:46 ----D---- C:\Program Files\MSBuild
2010-07-21 19:04:19 ----D---- C:\Program Files\Common Files
2010-07-21 19:03:51 ----RD---- C:\Program Files\Microsoft Office
2010-07-21 19:03:50 ----SD---- C:\ProgramData\Microsoft
2010-07-21 19:03:50 ----D---- C:\Program Files\Microsoft.NET
2010-07-21 19:02:38 ----A---- C:\Windows\win.ini
2010-07-21 19:02:37 ----D---- C:\Program Files\Common Files\System
2010-07-21 13:39:53 ----D---- C:\Program Files\Mozilla Firefox
2010-07-21 03:02:53 ----D---- C:\Program Files\Fraps
2010-07-18 17:20:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-18 17:19:42 ----RD---- C:\Program Files\Electronic Arts
2010-07-18 17:19:41 ----D---- C:\ProgramData\Electronic Arts
2010-07-18 17:18:11 ----D---- C:\Program Files\Horizons2
2010-07-18 17:13:39 ----RD---- C:\Program Files\Activision
2010-07-17 16:19:32 ----D---- C:\Users\Honzik\AppData\Roaming\XnView
2010-07-15 11:42:01 ----D---- C:\Windows\debug
2010-07-11 16:07:46 ----D---- C:\Users\Honzik\AppData\Roaming\FlashGetBHO
2010-07-11 16:07:39 ----RD---- C:\Program Files\FlashGet
2010-07-11 15:34:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-11 15:32:47 ----D---- C:\Windows\system32\en-US
2010-07-11 15:30:37 ----D---- C:\Windows\SoftwareDistribution
2010-07-11 14:19:18 ----D---- C:\Users\Honzik\AppData\Roaming\Adobe
2010-07-11 14:18:48 ----RD---- C:\Program Files\Adobe
2010-07-11 14:16:14 ----D---- C:\ProgramData\Adobe
2010-07-11 14:10:54 ----D---- C:\Users\Honzik\AppData\Roaming\BITS
2010-07-10 17:10:44 ----D---- C:\Program Files\Common Files\Adobe
2010-07-10 17:10:25 ----RD---- C:\Program Files\CCleaner
2010-07-10 14:25:16 ----RD---- C:\Program Files\Adobe Media Player
2010-07-10 14:20:14 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-07-08 15:19:14 ----D---- C:\Users\Honzik\AppData\Roaming\ESET
2010-07-08 15:12:26 ----D---- C:\Windows\system32\LogFiles
2010-07-07 15:58:30 ----D---- C:\Program Files\XnView
2010-07-07 15:55:26 ----D---- C:\Users\Honzik\AppData\Roaming\FastStone
2010-07-07 15:52:29 ----D---- C:\Program Files\IrfanView
2010-07-07 13:25:12 ----D---- C:\Users\Honzik\AppData\Roaming\Downloaded Installations
2010-07-06 22:17:48 ----D---- C:\ProgramData\ICQ
2010-07-06 21:58:38 ----D---- C:\Program Files\Miranda IM
2010-07-05 12:54:25 ----D---- C:\Program Files\Unlocker
2010-07-05 12:54:25 ----D---- C:\Program Files\DivX
2010-07-04 18:08:52 ----D---- C:\Program Files\The KMPlayer
2010-07-04 15:54:43 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-07-04 15:53:50 ----D---- C:\Users\Honzik\AppData\Roaming\BSplayer
2010-07-04 15:52:39 ----D---- C:\Program Files\All Ten Fingers
2010-07-04 15:52:24 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-07-04 15:52:15 ----D---- C:\Program Files\TeamViewer
2010-07-04 15:49:15 ----D---- C:\Program Files\LogMeIn Hamachi
2010-07-04 11:16:45 ----N---- C:\Windows\SchedLgU.Txt
2010-07-02 21:39:05 ----A---- C:\Windows\system32\MRT.exe
2010-06-29 15:08:13 ----D---- C:\Program Files\Common Files\Steam
2010-06-28 14:42:36 ----D---- C:\Windows\system32\NDF
2010-06-24 22:12:46 ----D---- C:\Windows\ehome
2010-06-24 22:12:32 ----D---- C:\Windows\AppPatch
2010-06-24 11:06:54 ----A---- C:\Windows\system32\nitrolocalui.dll
2010-06-24 11:06:52 ----A---- C:\Windows\system32\nitrolocalmon.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-18 83296]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-05-01 43528]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-15 691696]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2009-10-28 368736]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 461400]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-05-26 26352]
R2 ncryptpro;ncryptpro; \??\C:\WINDOWS\system32\Drivers\ncryptpro.sys [2009-08-11 186720]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\Windows\system32\DRIVERS\thdudf.sys [2006-11-11 66944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2009-04-21 1147392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 ah4sq9t5;ah4sq9t5; C:\Windows\system32\drivers\ah4sq9t5.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 cpuz132;cpuz132; \??\C:\Users\Honzik\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []
S3 DSGACommsDriver;DSGACommsDriver; \??\C:\WINDOWS\system32\drivers\DSGACommsDriver.sys [2009-09-30 19168]
S3 DSGAFilterDriver;DSGAFilterDriver; \??\C:\WINDOWS\system32\drivers\DSGAFilterDriver.sys [2009-09-30 17632]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys [2008-09-17 27672]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [2006-08-28 13312]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-10-03 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 17408]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-11-11 23600]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-15 86016]
R2 astcc;AST Service; C:\WINDOWS\system32\ASTSRV.EXE [2009-09-15 61760]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-09 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [2010-06-24 196928]
R2 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2010-06-24 65856]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-20 66872]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9ba1b510f0c16;Služba Google Update (gupdate1c9ba1b510f0c16); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-10 133104]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-11-26 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-11-26 79360]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2010-03-31 79360]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-18 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-27 1343400]

-----------------EOF-----------------

CKScanner log

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\adobe\adobe photoshop cs4\adobe.photoshop.cs4.extended-crack.exe
c:\program files\counter-strike source\cstrike\materials\concrete\prodwllecracked.vmt
c:\program files\counter-strike source\cstrike\materials\concrete\prodwllecracked.vtf
c:\program files\counter-strike source\hl2\materials\glass\glasswindow018a_cracked.vmt
c:\program files\counter-strike source\hl2\materials\glass\glasswindow018a_cracked.vtf
c:\users\honzik\documents\adobe photoshop cs5 extended windows ls6 (cz_hu_pl_ro_ru_tr_ua)\adobe photoshop cs5 extended 12.0 only keymaker-embrace\keygen.exe
c:\users\honzik\documents\bs.player.pro.v2.53.1034.multilingual.incl.keymaker-core\keygen.exe
c:\users\honzik\documents\faststone keymaker\keygen.exe
c:\users\honzik\documents\james camerons avatar the game-reloaded\james camerons avatar the game-reloaded - crack + keygen\avatar_1.01_americas_europe.exe
c:\users\honzik\documents\nitro.pdf.professional.v6.0.1.8.incl.keymaker-embrace\keygen.exe
c:\users\honzik\documents\photoshop\adobe photoshop cs4 v 11cz\adobe.photoshop.cs4.extended.v11.0.fixed-teamt3\adobe.photoshop.cs4.extended-crack.exe
scanner sequence 3.CH.11
----- EOF -----

Re: Check

Posted: 23 Jul 2010 07:07
by vyosek
:arrow: Download OTM (see my signature)
  • If you use Windows Vista or Windows 7, right-click OTM and choose Run As Administrator (Spustit jako správce in the Czech UI)
  • Into the left window, Paste Instructions for Items to be Moved (under the yellow bar), paste the content given below
  • Code:

    :services
    SSHNAS
    
    :reg
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.seznam.cz/"
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748449}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "P17RunE"=-
    "Halo2"=-
    "JDK5SWFMZY"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Videohost"=-
    "SSHNAS"=-
    "LosAlamos"=-
    "Halo2"=-
    
    :files
    C:\WINDOWS\system32\*.tmp.dll /s
    C:\WINDOWS\system32\SET*.tmp /s
    C:\WINDOWS\*.tmp /s
    C:\Windows\tasks\NeroLiveEpgUpdate-ZIZOU_Honzik.job
    C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
    C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
    C:\Users\Honzik\AppData\Local\Temp
    %windir%\msa.exe
    %windir%\system32\sshnas.dll
    %windir%\system32\sshnas21.dll
    %windir%\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
    %windir%\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
    C:\Program Files\ESET
    c:\program files\adobe\adobe photoshop cs4\adobe.photoshop.cs4.extended-crack.exe
    c:\program files\counter-strike source\cstrike\materials\concrete\prodwllecracked.vmt
    c:\program files\counter-strike source\cstrike\materials\concrete\prodwllecracked.vtf
    c:\program files\counter-strike source\hl2\materials\glass\glasswindow018a_cracked.vmt
    c:\program files\counter-strike source\hl2\materials\glass\glasswindow018a_cracked.vtf
    c:\users\honzik\documents\adobe photoshop cs5 extended windows ls6 (cz_hu_pl_ro_ru_tr_ua)\adobe photoshop cs5 extended 12.0 only keymaker-embrace\keygen.exe
    c:\users\honzik\documents\bs.player.pro.v2.53.1034.multilingual.incl.keymaker-core\keygen.exe
    c:\users\honzik\documents\faststone keymaker\keygen.exe
    c:\users\honzik\documents\james camerons avatar the game-reloaded\james camerons avatar the game-reloaded - crack + keygen\avatar_1.01_americas_europe.exe
    c:\users\honzik\documents\nitro.pdf.professional.v6.0.1.8.incl.keymaker-embrace\keygen.exe
    c:\users\honzik\documents\photoshop\adobe photoshop cs4 v 11cz\adobe.photoshop.cs4.extended.v11.0.fixed-teamt3\adobe.photoshop.cs4.extended-crack.exe
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
  • Click the red MoveIt! button
  • Then post the content of the Results window (under the green bar) here
  • If you are prompted to restart, choose Yes; you will then find the log in C:\_OTM\MovedFiles

Re: Check

Posted: 23 Jul 2010 11:11
by Zizou
All processes killed
========== SERVICES/DRIVERS ==========
Error: No service named SSHNAS was found to stop!
Service\Driver key SSHNAS not found.
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"http://www.seznam.cz/" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\P17RunE deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Halo2 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\JDK5SWFMZY not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Videohost not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SSHNAS not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LosAlamos not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Halo2 not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP folder moved successfully.
C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder moved successfully.
C:\WINDOWS\DD1865F0AD7340FBB23E1822E02396FF.TMP folder moved successfully.
C:\WINDOWS\DUMP52d3.tmp moved successfully.
C:\WINDOWS\DUMP5321.tmp moved successfully.
C:\WINDOWS\DUMP5350.tmp moved successfully.
C:\WINDOWS\DUMP535f.tmp moved successfully.
C:\WINDOWS\DUMP538e.tmp moved successfully.
C:\WINDOWS\DUMP54b7.tmp moved successfully.
C:\WINDOWS\DUMP5a45.tmp moved successfully.
C:\WINDOWS\DUMP5e3d.tmp moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\NV36763104.TMP folder moved successfully.
C:\WINDOWS\NV8043496.TMP folder moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI57F5.tmp moved successfully.
C:\WINDOWS\Installer\MSI5FE1.tmp moved successfully.
C:\WINDOWS\Installer\MSI80DC.tmp moved successfully.
C:\WINDOWS\Installer\MSIA250.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltC259.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\0ab1ccb51864d2fe80d6c75ea0c56e1b\BIT4833.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\1016e7c2194e7096cde1bcb2e1f5a9e8\BIT27B8.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\180cb51bcc2674178161dc94bf7067c0\BIT3FB6.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\2812dd70ff49d872a81e47e49ff68cfb\BIT2E4F.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\296a8ac1f6551b612dfda7a37d7b41fc\BIT44C7.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\31f4047d31ad7bb4f374205f031057eb\BIT6B4B.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\343e30becb9221b07faa4557f73e51f6\BIT6706.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\3930465691338446ffe46b0b80f4c383\BIT2296.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\41701314dfd891883b018af262a2c0d3\BIT4331.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\48006d8a7852c4b4f5902de171d6e6e8\BIT1E6F.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\53bc982040ba4c152c7494df76a24e52\BIT3575.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\5965ae5f58a9934eb5870c3d2608da63\BIT5F47.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\5b144c39f01fd9686f7845f9b2bbc72a\BIT1CAA.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\5e12ea6d0e072aab6f53af0694fa9fb7\BIT3B32.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\606959f135f64071801f2a3c43ec5148\BIT468D.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\6c9a1159cdbfacaf5f978aeda20b80bd\BIT6DFA.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\72bc764eb25002a87062f61e87e58522\BIT63AB.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\7a2f8c60e971a0f34a9c0c5b082f9c5c\BIT373A.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\7ae88fabbcb88a8b23669c5b7a55e975\BIT398C.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\7e284ba63de58639e22f057738e26378\BIT4F68.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\89c7cb10bca1b437c6d83b4495a0f365\BIT247B.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\8bcc9c8e82c1f4cc35e806691ce163e9\BIT51F8.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\91727e2cb715485ecd9a0173ed29d768\BIT2044.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\b0c9d8edd5ed5619fc8709ae0093b706\BIT33DE.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\b598768aaf80a7197371f560d4de8de8\BIT4A46.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\c7349eb20fa3885fb4d788ba51d0ef08\BIT3CD8.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\ccaa8a0ddc7a0512cc900fcf2a173046\BIT3228.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\d13daac2b5aad1126aa5b6acf47e1959\BIT5C59.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\d454b2de97403f88455d77c85fbba4f0\BIT5554.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\da37152a1819057ae64a128accda459e\BIT57A6.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\daeb6b741248a4a31c7978bf4a13357c\BIT538E.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\e1c438ffa7f63b53b5cd1dc94d13982c\BIT2602.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\e2b6f8baad15187fea5c0b32f35959b1\BIT4BEC.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\e97c395825698a4882bc1bfe047bf7d2\BIT5A26.tmp moved successfully.
C:\WINDOWS\System32\OLD4C.tmp moved successfully.
C:\WINDOWS\System32\tmp90.tmp moved successfully.
C:\WINDOWS\System32\tmp91.tmp moved successfully.
C:\WINDOWS\Temp\ZLT00e7e.TMP moved successfully.
File move failed. C:\WINDOWS\Temp\ZLT0535f.TMP scheduled to be moved on reboot.
C:\Windows\tasks\NeroLiveEpgUpdate-ZIZOU_Honzik.job moved successfully.
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job moved successfully.
C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job moved successfully.
C:\Users\Honzik\AppData\Local\Temp\Rar$EX03.978 folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\Rar$EX00.995 folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\Rar$EX00.364 folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\NGLATempNokia folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\Low folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\IswTmp\WH folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\IswTmp\Shared folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\IswTmp\PA folder moved successfully.
Folder move failed. C:\Users\Honzik\AppData\Local\Temp\IswTmp\Logs scheduled to be moved on reboot.
Folder move failed. C:\Users\Honzik\AppData\Local\Temp\IswTmp scheduled to be moved on reboot.
C:\Users\Honzik\AppData\Local\Temp\Google Updater170991 folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\conduit folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\07231020422 folder moved successfully.
Folder move failed. C:\Users\Honzik\AppData\Local\Temp scheduled to be moved on reboot.
File/Folder C:\Windows\msa.exe not found.
File/Folder C:\Windows\system32\sshnas.dll not found.
File/Folder C:\Windows\system32\sshnas21.dll not found.
File/Folder C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job not found.
File/Folder C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job not found.
C:\Program Files\ESET\ESET NOD32 Antivirus folder moved successfully.
C:\Program Files\ESET folder moved successfully.
c:\program files\adobe\adobe photoshop cs4\Adobe.Photoshop.CS4.Extended-Crack.exe moved successfully.
c:\program files\counter-strike source\cstrike\materials\concrete\prodwllecracked.vmt moved successfully.
c:\program files\counter-strike source\cstrike\materials\concrete\prodwllecracked.vtf moved successfully.
c:\program files\counter-strike source\hl2\materials\glass\glasswindow018a_cracked.vmt moved successfully.
c:\program files\counter-strike source\hl2\materials\glass\glasswindow018a_cracked.vtf moved successfully.
c:\users\honzik\documents\adobe photoshop cs5 extended windows ls6 (cz_hu_pl_ro_ru_tr_ua)\adobe photoshop cs5 extended 12.0 only keymaker-embrace\keygen.exe moved successfully.
c:\users\honzik\documents\bs.player.pro.v2.53.1034.multilingual.incl.keymaker-core\keygen.exe moved successfully.
c:\users\honzik\documents\faststone keymaker\keygen.exe moved successfully.
c:\users\honzik\documents\james camerons avatar the game-reloaded\james camerons avatar the game-reloaded - crack + keygen\avatar_1.01_americas_europe.exe moved successfully.
c:\users\honzik\documents\nitro.pdf.professional.v6.0.1.8.incl.keymaker-embrace\keygen.exe moved successfully.
c:\users\honzik\documents\photoshop\adobe photoshop cs4 v 11cz\adobe.photoshop.cs4.extended.v11.0.fixed-teamt3\Adobe.Photoshop.CS4.Extended-Crack.exe moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41661 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Honzik
->Temp folder emptied: 6569643 bytes
->Temporary Internet Files folder emptied: 8016085 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 48806049 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 100198486 bytes
->Flash cache emptied: 59417 bytes

User: IDE

User: Intel

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 909190 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 157,00 mb


[EMPTYFLASH]

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Honzik
->Flash cache emptied: 0 bytes

User: IDE

User: Intel

User: Public

Total Flash Files Cleaned = 0,00 mb



OTL by OldTimer - Version 3.2.9.1 log created on 07232010_120600

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\Temp\ZLT0535f.TMP not found!
Folder move failed. C:\Users\Honzik\AppData\Local\Temp\IswTmp\Logs scheduled to be moved on reboot.
C:\Users\Honzik\AppData\Local\Temp\IswTmp\WH folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\IswTmp\Shared folder moved successfully.
C:\Users\Honzik\AppData\Local\Temp\IswTmp\PA folder moved successfully.
Folder move failed. C:\Users\Honzik\AppData\Local\Temp\IswTmp\Logs scheduled to be moved on reboot.
C:\Users\Honzik\AppData\Local\Temp\IswTmp\DwlRun folder moved successfully.
Folder move failed. C:\Users\Honzik\AppData\Local\Temp\IswTmp scheduled to be moved on reboot.
Folder move failed. C:\Users\Honzik\AppData\Local\Temp\IswTmp\Logs scheduled to be moved on reboot.
Folder move failed. C:\Users\Honzik\AppData\Local\Temp\IswTmp scheduled to be moved on reboot.
Folder move failed. C:\Users\Honzik\AppData\Local\Temp scheduled to be moved on reboot.
File\Folder C:\Users\Honzik\AppData\Local\Temp\moz_media_cache not found!
C:\Users\Honzik\AppData\Local\Temp\~DFDAA37D72C89AA157.TMP moved successfully.
C:\Users\Honzik\AppData\Local\Mozilla\Firefox\Profiles\8sne27ri.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Honzik\AppData\Local\Mozilla\Firefox\Profiles\8sne27ri.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Honzik\AppData\Local\Mozilla\Firefox\Profiles\8sne27ri.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Honzik\AppData\Local\Mozilla\Firefox\Profiles\8sne27ri.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Honzik\AppData\Local\Mozilla\Firefox\Profiles\8sne27ri.default\urlclassifier3.sqlite moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Check

Posted: 23 Jul 2010 11:17
by vyosek
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Run the update - third tab
  • Run a full scan - do not delete anything :!:
  • MBAM occasionally produces false detections, so paste the log into a post and wait for an assessment

Re: Check

Posted: 23 Jul 2010 11:37
by Zizou
The scan is still running... :happy:

Re: Check

Posted: 23 Jul 2010 11:38
by vyosek
OK, I'll wait for the log :wink:

Re: Check

Posted: 23 Jul 2010 12:35
by Zizou
Phew... after an hour. Here is the log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4340

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

23.7.2010 13:30:50
mbam-log-2010-07-23 (13-30-50).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 367374
Uplynulý čas: 1 hodina(y), 0 minuta(y), 26 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 3
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 6

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\JDK5SWFMZY (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\TG0PTF86JH (Trojan.FakeAlert) -> No action taken.

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\kr_done1 (Malware.Trace) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\System Volume Information\_restore{080BC10C-0208-4F91-AF51-CF2F6F356B1B}\RP282\A0176914.rbf (Rogue.sysCleaner) -> No action taken.
C:\System Volume Information\_restore{080BC10C-0208-4F91-AF51-CF2F6F356B1B}\RP282\A0177040.vxd (Rogue.sysCleaner) -> No action taken.
C:\_OTL\MovedFiles\07232010_120600\C_Users\Honzik\documents\adobe photoshop cs5 extended windows ls6 (cz_hu_pl_ro_ru_tr_ua)\adobe photoshop cs5 extended 12.0 only keymaker-embrace\keygen.exe (Malware.Packer.Gen) -> No action taken.
C:\_OTL\MovedFiles\07232010_120600\C_Users\Honzik\documents\bs.player.pro.v2.53.1034.multilingual.incl.keymaker-core\keygen.exe (Trojan.Agent) -> No action taken.
C:\_OTL\MovedFiles\07232010_120600\C_Users\Honzik\documents\nitro.pdf.professional.v6.0.1.8.incl.keymaker-embrace\keygen.exe (RiskWare.Tool.CK) -> No action taken.
C:\Windows\System32\kr_done1 (Malware.Trace) -> No action taken.

Re: Check

Posted: 23 Jul 2010 12:39
by vyosek
:arrow: Delete everything MBAM found

:arrow: The malware has settled in the restore points - delete them following colleague riff's guide http://www.viry.cz/forum/viewtopic.php?f=11&t=47040

:arrow: How is the PC behaving :???:

Re: Check

Posted: 23 Jul 2010 14:20
by Zizou
I deleted the restore points following the second guide. My C:\System Volume Information folder now looks like this (see attachment). The PC is behaving normally. The message about sshnas21.dll has disappeared. If that is everything, thank you very much for your time, and I will gladly come back to have my log checked next time. Thank you very much :arcisit:.