VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Presmerování ve vyhledavaci

https://forum.viry.cz:443/viewtopic.php?t=111294

Stránka 1 z 1

Presmerování ve vyhledavaci

Napsal: 23 dub 2011 14:01
od tisic
Prosim pomozte. Kdyz kliknu na odkaz ve vyhledavaci Google, presmeruje me to kam nechci. Jsem laik.
Predem dekuji.



Logfile of random's system information tool 1.08 (written by random/random)
Run by Sabinka at 2011-04-23 14:53:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 76 GB (64%) free of 119 GB
Total RAM: 3886 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:53:52, on 23.4.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\trend micro\Sabinka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.novinky.cz/denni-tisk?sectio ... d=18439914
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [C:!Users!Sabinka!AppData!Local!Google!Chrome!User Data_service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-236230673-489465088-3278936597-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-236230673-489465088-3278936597-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - S-1-5-21-236230673-489465088-3278936597-1000 Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe (User 'UpdatusUser')
O4 - S-1-5-21-236230673-489465088-3278936597-1000 User Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files (x86)\Adblock Pro\blockimg.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass vyplňování formulářů - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\progra~2\bandoo\bndhook.dll
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14467 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
taskeng.exe {340D0B28-3F21-4374-9DEE-C728D8D52390}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe "C:\Windows\SysWOW64\iTVData0.dll",ROPDCF
C:\Windows\system32\rundll32.exe "C:\Windows\SysWOW64\iTVData0.dll",ROPDCF
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
taskeng.exe {D6A5DDCD-4624-4305-9285-114E0A57548A}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\syncables\syncables desktop\syncables.exe"
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
"C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" -Xms56m -Xmx112m -classpath .;syncables.jar migoDesktop.migoDesktopMain sid=S-1-5-21-236230673-489465088-3278936597-1001
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\Sabinka\Downloads\RSITX64.EXE"

======Scheduled tasks folder======

C:\Windows\tasks\fdwqz.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Browser Helper Object - C:\Program Files (x86)\LastPass\LPBar.dll [2011-03-23 7310024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
BandooIEPlugin Class

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPBar.dll [2011-03-23 7310024]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"TNOD UP"=C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe [2010-04-02 1811968]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-06 2114376]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1680976]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2918656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-04-05 370480]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2011-03-09 247728]
"C:!Users!Sabinka!AppData!Local!Google!Chrome!User Data_service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2011-04-13 1004088]
"SpywareTerminatorUpdate"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-04-23 3318784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-08-24 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-10 9643552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Sabinka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"=C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-06-25 210216]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-08-24 2429]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"SpywareTerminator"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2011-04-23 2557440]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 66640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-04-23 14:53:47 ----D---- C:\Program Files\trend micro
2011-04-23 14:53:46 ----D---- C:\rsit
2011-04-23 13:32:59 ----D---- C:\Users\Sabinka\AppData\Roaming\Spyware Terminator
2011-04-23 13:32:58 ----D---- C:\ProgramData\Spyware Terminator
2011-04-23 13:32:58 ----D---- C:\Program Files (x86)\Spyware Terminator
2011-04-22 18:43:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-04-21 14:28:22 ----D---- C:\ProgramData\ESET
2011-04-21 14:28:22 ----D---- C:\Program Files\ESET
2011-04-21 11:00:06 ----RASH---- C:\Windows\SYSWOW64\iTVData0.dll
2011-04-20 09:43:27 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-04-20 09:43:27 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-19 10:36:47 ----D---- C:\Program Files (x86)\ICQ7.5
2011-04-14 19:29:19 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-14 19:29:19 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-14 19:29:19 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-14 19:29:18 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-14 19:29:18 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-14 19:29:16 ----A---- C:\Windows\system32\winresume.exe
2011-04-14 19:29:16 ----A---- C:\Windows\system32\winload.exe
2011-04-14 19:29:16 ----A---- C:\Windows\system32\kdusb.dll
2011-04-14 19:29:16 ----A---- C:\Windows\system32\kdcom.dll
2011-04-14 19:29:16 ----A---- C:\Windows\system32\kd1394.dll
2011-04-14 19:29:14 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-14 19:29:14 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-14 19:29:14 ----A---- C:\Windows\system32\atmlib.dll
2011-04-14 19:29:14 ----A---- C:\Windows\system32\atmfd.dll
2011-04-14 19:29:01 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-14 19:29:01 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-14 19:29:01 ----A---- C:\Windows\system32\mfc42.dll
2011-04-14 19:29:00 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-14 19:28:59 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-14 19:28:59 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-14 19:28:59 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-14 19:28:59 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-14 19:28:59 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-14 19:28:58 ----A---- C:\Windows\system32\win32k.sys
2011-04-14 19:28:52 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-14 19:28:19 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-14 19:28:19 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-14 19:28:19 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-14 19:28:19 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-08 11:27:48 ----D---- C:\ProgramData\vsosdk
2011-04-08 09:59:34 ----D---- C:\Users\Sabinka\AppData\Roaming\NVIDIA
2011-04-01 06:34:33 ----A---- C:\Windows\system32\acovcnt.exe
2011-03-29 12:03:59 ----SHD---- C:\Users\Sabinka\AppData\Roaming\.#
2011-03-29 12:03:59 ----A---- C:\Windows\SYSWOW64\windrvNT.sys
2011-03-29 12:03:59 ----A---- C:\Windows\SYSWOW64\suppdll.dll
2011-03-28 14:33:04 ----D---- C:\Program Files\Zoner
2011-03-28 07:11:21 ----D---- C:\ProgramData\TomTom
2011-03-28 07:11:12 ----D---- C:\Users\Sabinka\AppData\Roaming\TomTom
2011-03-28 07:11:08 ----D---- C:\Program Files (x86)\TomTom International B.V
2011-03-28 07:10:57 ----D---- C:\Program Files (x86)\TomTom HOME 2
2011-03-28 07:09:23 ----D---- C:\Program Files (x86)\TomTom DesktopSuite
2011-03-27 08:57:52 ----D---- C:\Users\Sabinka\AppData\Roaming\WinRAR
2011-03-27 08:55:24 ----D---- C:\Program Files\WinRAR
2011-03-26 18:09:01 ----D---- C:\Users\Sabinka\AppData\Roaming\Media Player Classic
2011-03-26 09:21:53 ----A---- C:\Windows\system32\FntCache.dll
2011-03-26 09:21:52 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-03-26 09:21:52 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-03-26 09:21:52 ----A---- C:\Windows\system32\DWrite.dll
2011-03-26 09:21:52 ----A---- C:\Windows\system32\d2d1.dll
2011-03-26 09:21:51 ----A---- C:\Windows\system32\XpsPrint.dll
2011-03-26 09:21:50 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-03-26 09:21:43 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-03-26 09:21:43 ----A---- C:\Windows\system32\d3d10_1.dll

======List of files/folders modified in the last 1 months======

2011-04-23 14:53:48 ----D---- C:\Windows\Temp
2011-04-23 14:53:47 ----RD---- C:\Program Files
2011-04-23 14:45:37 ----D---- C:\Windows\system32\config
2011-04-23 14:33:48 ----D---- C:\Windows\system32\FxsTmp
2011-04-23 14:33:37 ----D---- C:\Windows\system32\Tasks
2011-04-23 14:33:18 ----A---- C:\Windows\SYSWOW64\log.txt
2011-04-23 14:32:54 ----RD---- C:\Program Files (x86)
2011-04-23 14:19:42 ----D---- C:\Windows\system32\drivers
2011-04-23 14:19:42 ----D---- C:\ProgramData\Norton
2011-04-23 14:19:41 ----D---- C:\Windows\Tasks
2011-04-23 14:07:22 ----SHD---- C:\$Recycle.Bin
2011-04-23 14:06:36 ----D---- C:\Windows\System32
2011-04-23 14:06:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-23 14:06:35 ----D---- C:\Windows\inf
2011-04-23 14:02:54 ----A---- C:\Windows\system32\ServiceFilter.ini
2011-04-23 14:02:53 ----A---- C:\Windows\system32\AutoRunFilter.ini
2011-04-23 14:01:57 ----D---- C:\Windows
2011-04-23 14:01:57 ----D---- C:\Program Files\Google
2011-04-23 14:01:57 ----D---- C:\Program Files (x86)\Google
2011-04-23 13:32:58 ----HD---- C:\ProgramData
2011-04-23 13:18:37 ----D---- C:\ProgramData\Google
2011-04-23 11:56:02 ----SHD---- C:\Windows\Installer
2011-04-23 11:53:59 ----D---- C:\Windows\system32\NDF
2011-04-23 11:48:10 ----D---- C:\Windows\Downloaded Program Files
2011-04-23 11:48:09 ----D---- C:\Windows\SYSWOW64\Adobe
2011-04-23 11:45:37 ----D---- C:\Windows\SYSWOW64\Macromed
2011-04-22 18:11:18 ----D---- C:\ProgramData\tmp
2011-04-22 15:32:51 ----SHD---- C:\System Volume Information
2011-04-22 10:57:08 ----RSD---- C:\Windows\assembly
2011-04-22 10:57:08 ----D---- C:\Program Files\Common Files\Bullzip
2011-04-22 06:47:50 ----D---- C:\ProgramData\Adobe
2011-04-21 23:38:16 ----D---- C:\Windows\Logs
2011-04-21 14:28:40 ----D---- C:\Windows\system32\DriverStore
2011-04-21 14:28:40 ----D---- C:\Windows\system32\catroot
2011-04-21 14:28:39 ----D---- C:\Windows\system32\catroot2
2011-04-21 12:51:00 ----D---- C:\Windows\debug
2011-04-21 12:12:08 ----SD---- C:\ProgramData\Microsoft
2011-04-21 11:00:06 ----D---- C:\Windows\SysWOW64
2011-04-21 09:55:14 ----D---- C:\Users\Sabinka\AppData\Roaming\ICQ
2011-04-20 10:14:57 ----D---- C:\Users\Sabinka\AppData\Roaming\Mozilla
2011-04-20 09:49:42 ----D---- C:\Windows\SYSWOW64\NV
2011-04-20 09:49:41 ----D---- C:\Windows\system32\NV
2011-04-20 09:47:39 ----D---- C:\Windows\winsxs
2011-04-20 09:44:37 ----A---- C:\Windows\system32\MRT.exe
2011-04-20 09:44:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-19 19:20:24 ----D---- C:\Windows\Prefetch
2011-04-19 10:36:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-04-19 06:49:04 ----SD---- C:\Users\Sabinka\AppData\Roaming\Microsoft
2011-04-19 06:49:04 ----D---- C:\Users\Sabinka\AppData\Roaming\Adobe
2011-04-19 06:48:17 ----D---- C:\Program Files (x86)\Common Files
2011-04-19 06:48:17 ----D---- C:\Program Files (x86)\Adobe
2011-04-15 18:12:43 ----D---- C:\Windows\Microsoft.NET
2011-04-15 17:43:47 ----D---- C:\Users\Sabinka\AppData\Roaming\Skype
2011-04-15 17:42:57 ----D---- C:\Users\Sabinka\AppData\Roaming\SkypePM
2011-04-14 19:55:07 ----D---- C:\Windows\system32\Boot
2011-04-14 19:32:20 ----D---- C:\ProgramData\Microsoft Help
2011-04-13 08:28:54 ----D---- C:\Program Files (x86)\Ashampoo
2011-04-13 08:07:00 ----D---- C:\Users\Sabinka\AppData\Roaming\Ashampoo
2011-04-11 14:44:11 ----D---- C:\Windows\system32\wdi
2011-04-09 18:37:57 ----D---- C:\ProgramData\hps
2011-04-06 16:06:47 ----A---- C:\Windows\ATKPF.ini
2011-03-28 14:40:53 ----D---- C:\Users\Sabinka\AppData\Roaming\Zoner
2011-03-24 20:15:59 ----RD---- C:\Program Files (x86)\Skype
2011-03-24 20:08:13 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-29 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 170640]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 50624]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 34144]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-10 2222624]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-21 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2010-08-24 74320]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2010-08-24 13392]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 63568]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 57936]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-07-08 211432]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-07-29 58488]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 windrvNT;windrvNT; \??\C:\Windows\syswow64\windrvNT.sys [2011-03-29 35363]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-06-22 159336]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-06-22 1616488]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2011-04-23 948775]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2010-04-06 244904]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-07-31 192368]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 135664]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 42360]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 357456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-21 1255736]

-----------------EOF-----------------

Re: Presmerování ve vyhledavaci

Napsal: 23 dub 2011 14:06
od vyosek
Zdravim a pekny den preji :)

Vzhledem k tomu, ze pouzivate nelegalni SW Obrázek se nedivim, ze jste navstevnikem naseho fora :?:
Dle pravidel fora (viz zde a a zde bod c.3 ) se vsak nelegalnim SW nezabyvame, jelikoz nelegalni programy jsou vetsinou zdrojem haveti. Navic tim porusujete i autorska prava Obrázek, pachate trestny cin a ten jako takovy nebude nasim forem podporovan. Uvedomte si, ze jste na bezpecnostnim foru - podpora warezu (zvlaste bezpecnostnich programu) by byla zcela proti logice fora :!:
Obstarejte si proto legalni ochranu Vaseho PC (antivir), pote sem vlozte novy log z RSITu a CKScanneru - viz nize.

Osobne Vam doporucuji Avast, Aviru nebo MSE. Prehled antiviru mate ZDE.

:arrow: Log z RSITu - viz muj podpis
:arrow: Stahnete na plochu CKScanner
  • Spustte a kliknete na Search for files
  • Po dokonceni skenu kliknete na Save List to File a nasledne OK
  • Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte

Re: Presmerování ve vyhledavaci

Napsal: 23 dub 2011 15:36
od tisic
Log z RSITu


Logfile of random's system information tool 1.08 (written by random/random)
Run by Sabinka at 2011-04-23 16:18:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 76 GB (64%) free of 119 GB
Total RAM: 3886 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:18:31, on 23.4.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Sabinka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.novinky.cz/denni-tisk?sectio ... d=18439914
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [C:!Users!Sabinka!AppData!Local!Google!Chrome!User Data_service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-236230673-489465088-3278936597-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-236230673-489465088-3278936597-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - S-1-5-21-236230673-489465088-3278936597-1000 Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe (User 'UpdatusUser')
O4 - S-1-5-21-236230673-489465088-3278936597-1000 User Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe (User 'UpdatusUser')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files (x86)\Adblock Pro\blockimg.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass vyplňování formulářů - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\progra~2\bandoo\bndhook.dll
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15704 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
taskeng.exe {2E13D40E-B31D-47C4-BD2F-5B9AF8D68E35}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe "C:\Windows\SysWOW64\iTVData0.dll",ROPDCF
C:\Windows\system32\rundll32.exe "C:\Windows\SysWOW64\iTVData0.dll",ROPDCF
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
taskeng.exe {9FB1F936-ACCD-44CE-8AEB-48207672BA18}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\syncables\syncables desktop\syncables.exe"
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
ATKOSD.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
KBFiltr.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
KHALMNPR.EXE /API
WDC.exe
"C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" -Xms56m -Xmx112m -classpath .;syncables.jar migoDesktop.migoDesktopMain sid=S-1-5-21-236230673-489465088-3278936597-1001
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Windows\AsScrPro.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\Basis\\program"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service --lang=cs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_2 concurrent_prefetch/DnsParallelism/parallel_8/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd32/SpdyImpact/npn_with_spdy/" --channel=3036.00D2D480.1457571944 /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_2 concurrent_prefetch/DnsParallelism/parallel_8/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd32/SpdyImpact/npn_with_spdy/" --channel=3036.00D0FC00.1237603533 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_2 concurrent_prefetch/DnsParallelism/parallel_8/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd32/SpdyImpact/npn_with_spdy/" --channel=3036.00D0F180.1148344314 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_2 concurrent_prefetch/DnsParallelism/parallel_8/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd32/SpdyImpact/npn_with_spdy/" --channel=3036.00D18600.420743859 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_2 concurrent_prefetch/DnsParallelism/parallel_8/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd32/SpdyImpact/npn_with_spdy/" --channel=3036.00D18480.640855940 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_2 concurrent_prefetch/DnsParallelism/parallel_8/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd32/SpdyImpact/npn_with_spdy/" --channel=3036.00D18300.1969916292 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_2 concurrent_prefetch/DnsParallelism/parallel_8/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd32/SpdyImpact/npn_with_spdy/" --channel=3036.00D18180.221340605 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_2 concurrent_prefetch/DnsParallelism/parallel_8/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd32/SpdyImpact/npn_with_spdy/" --channel=3036.00D18000.1753044226 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest="CacheSize/CacheSizeGroup_0/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_2 concurrent_prefetch/DnsParallelism/parallel_8/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd32/SpdyImpact/npn_with_spdy/" --channel=3036.00D18D80.1262891611 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Sabinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.73.3_0\nplastpass.dll" --lang=cs --plugin-data-dir="C:\Users\Sabinka\AppData\Local\Google\Chrome\User Data\Default" --channel=3036.08476E00.1954470925 /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest="CacheSize/CacheSizeGroup_0/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_2 concurrent_prefetch/DnsParallelism/parallel_8/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd32/SpdyImpact/npn_with_spdy/" --channel=3036.084CB900.596394307 /prefetch:3
"C:\Users\Sabinka\Desktop\RSITX64.EXE"

======Scheduled tasks folder======

C:\Windows\tasks\fdwqz.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-04-18 976424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-04-18 818280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Browser Helper Object - C:\Program Files (x86)\LastPass\LPBar.dll [2011-03-23 7310024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
BandooIEPlugin Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-04-18 976424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPBar.dll [2011-03-23 7310024]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-04-18 818280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-06 2114376]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1680976]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-04-05 370480]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2011-03-09 247728]
"C:!Users!Sabinka!AppData!Local!Google!Chrome!User Data_service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2011-04-13 1004088]
"SpywareTerminatorUpdate"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-04-23 3318784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-08-24 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-10 9643552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Sabinka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"=C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-06-25 210216]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-08-24 2429]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"SpywareTerminator"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2011-04-23 2557440]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-04-18 3460784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

C:\Users\Sabinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 66640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-04-23 15:42:41 ----D---- C:\Program Files\7-Zip
2011-04-23 15:17:36 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-04-23 15:17:36 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-04-23 15:17:35 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-04-23 15:17:34 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-04-23 15:17:18 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-04-23 15:17:18 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-04-23 15:17:18 ----A---- C:\Windows\system32\aswBoot.exe
2011-04-23 15:17:07 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-04-23 15:17:04 ----D---- C:\ProgramData\AVAST Software
2011-04-23 15:17:04 ----D---- C:\Program Files\AVAST Software
2011-04-23 14:53:47 ----D---- C:\Program Files\trend micro
2011-04-23 14:53:46 ----D---- C:\rsit
2011-04-23 13:32:59 ----D---- C:\Users\Sabinka\AppData\Roaming\Spyware Terminator
2011-04-23 13:32:58 ----D---- C:\ProgramData\Spyware Terminator
2011-04-23 13:32:58 ----D---- C:\Program Files (x86)\Spyware Terminator
2011-04-22 18:43:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-04-21 11:00:06 ----RASH---- C:\Windows\SYSWOW64\iTVData0.dll
2011-04-20 09:43:27 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-04-20 09:43:27 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-19 10:36:47 ----D---- C:\Program Files (x86)\ICQ7.5
2011-04-14 19:29:19 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-14 19:29:19 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-14 19:29:19 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-14 19:29:18 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-14 19:29:18 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-14 19:29:16 ----A---- C:\Windows\system32\winresume.exe
2011-04-14 19:29:16 ----A---- C:\Windows\system32\winload.exe
2011-04-14 19:29:16 ----A---- C:\Windows\system32\kdusb.dll
2011-04-14 19:29:16 ----A---- C:\Windows\system32\kdcom.dll
2011-04-14 19:29:16 ----A---- C:\Windows\system32\kd1394.dll
2011-04-14 19:29:14 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-14 19:29:14 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-14 19:29:14 ----A---- C:\Windows\system32\atmlib.dll
2011-04-14 19:29:14 ----A---- C:\Windows\system32\atmfd.dll
2011-04-14 19:29:01 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-14 19:29:01 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-14 19:29:01 ----A---- C:\Windows\system32\mfc42.dll
2011-04-14 19:29:00 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-14 19:28:59 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-14 19:28:59 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-14 19:28:59 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-14 19:28:59 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-14 19:28:59 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-14 19:28:58 ----A---- C:\Windows\system32\win32k.sys
2011-04-14 19:28:52 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-14 19:28:19 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-14 19:28:19 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-14 19:28:19 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-14 19:28:19 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-08 11:27:48 ----D---- C:\ProgramData\vsosdk
2011-04-08 09:59:34 ----D---- C:\Users\Sabinka\AppData\Roaming\NVIDIA
2011-04-01 06:34:33 ----A---- C:\Windows\system32\acovcnt.exe
2011-03-29 12:03:59 ----SHD---- C:\Users\Sabinka\AppData\Roaming\.#
2011-03-29 12:03:59 ----A---- C:\Windows\SYSWOW64\windrvNT.sys
2011-03-29 12:03:59 ----A---- C:\Windows\SYSWOW64\suppdll.dll
2011-03-28 07:11:21 ----D---- C:\ProgramData\TomTom
2011-03-28 07:11:12 ----D---- C:\Users\Sabinka\AppData\Roaming\TomTom
2011-03-28 07:11:08 ----D---- C:\Program Files (x86)\TomTom International B.V
2011-03-28 07:10:57 ----D---- C:\Program Files (x86)\TomTom HOME 2
2011-03-28 07:09:23 ----D---- C:\Program Files (x86)\TomTom DesktopSuite
2011-03-27 08:57:52 ----D---- C:\Users\Sabinka\AppData\Roaming\WinRAR
2011-03-26 18:09:01 ----D---- C:\Users\Sabinka\AppData\Roaming\Media Player Classic
2011-03-26 09:21:53 ----A---- C:\Windows\system32\FntCache.dll
2011-03-26 09:21:52 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-03-26 09:21:52 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-03-26 09:21:52 ----A---- C:\Windows\system32\DWrite.dll
2011-03-26 09:21:52 ----A---- C:\Windows\system32\d2d1.dll
2011-03-26 09:21:51 ----A---- C:\Windows\system32\XpsPrint.dll
2011-03-26 09:21:50 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-03-26 09:21:43 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-03-26 09:21:43 ----A---- C:\Windows\system32\d3d10_1.dll

======List of files/folders modified in the last 1 months======

2011-04-23 16:08:25 ----D---- C:\Windows\system32\FxsTmp
2011-04-23 16:05:52 ----D---- C:\Windows\Temp
2011-04-23 16:05:52 ----D---- C:\Windows
2011-04-23 16:04:42 ----D---- C:\Windows\system32\config
2011-04-23 15:55:49 ----SHD---- C:\Windows\Installer
2011-04-23 15:55:35 ----RSD---- C:\Windows\assembly
2011-04-23 15:55:06 ----RSD---- C:\Windows\Fonts
2011-04-23 15:54:58 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2011-04-23 15:54:35 ----D---- C:\Windows\winsxs
2011-04-23 15:50:35 ----RD---- C:\Program Files
2011-04-23 15:46:38 ----A---- C:\Windows\system32\AutoRunFilter.ini
2011-04-23 15:46:31 ----A---- C:\Windows\system32\ServiceFilter.ini
2011-04-23 15:46:10 ----D---- C:\Windows\system32\Tasks
2011-04-23 15:45:56 ----A---- C:\Windows\SYSWOW64\log.txt
2011-04-23 15:35:26 ----D---- C:\Windows\SysWOW64
2011-04-23 15:27:18 ----D---- C:\Program Files (x86)\Ashampoo
2011-04-23 15:26:18 ----RD---- C:\Program Files (x86)
2011-04-23 15:17:36 ----D---- C:\Windows\system32\drivers
2011-04-23 15:17:18 ----D---- C:\Windows\System32
2011-04-23 15:17:04 ----HD---- C:\ProgramData
2011-04-23 15:14:04 ----D---- C:\Windows\system32\DriverStore
2011-04-23 15:14:04 ----D---- C:\Windows\system32\catroot
2011-04-23 15:14:04 ----D---- C:\Windows\inf
2011-04-23 14:19:42 ----D---- C:\ProgramData\Norton
2011-04-23 14:19:41 ----D---- C:\Windows\Tasks
2011-04-23 14:07:22 ----SHD---- C:\$Recycle.Bin
2011-04-23 14:06:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-23 14:01:57 ----D---- C:\Program Files\Google
2011-04-23 14:01:57 ----D---- C:\Program Files (x86)\Google
2011-04-23 13:18:37 ----D---- C:\ProgramData\Google
2011-04-23 11:53:59 ----D---- C:\Windows\system32\NDF
2011-04-23 11:48:10 ----D---- C:\Windows\Downloaded Program Files
2011-04-23 11:48:09 ----D---- C:\Windows\SYSWOW64\Adobe
2011-04-23 11:45:37 ----D---- C:\Windows\SYSWOW64\Macromed
2011-04-22 18:11:18 ----D---- C:\ProgramData\tmp
2011-04-22 15:32:51 ----SHD---- C:\System Volume Information
2011-04-22 10:57:08 ----D---- C:\Program Files\Common Files\Bullzip
2011-04-22 06:47:50 ----D---- C:\ProgramData\Adobe
2011-04-21 23:38:16 ----D---- C:\Windows\Logs
2011-04-21 14:28:39 ----D---- C:\Windows\system32\catroot2
2011-04-21 12:51:00 ----D---- C:\Windows\debug
2011-04-21 12:12:08 ----SD---- C:\ProgramData\Microsoft
2011-04-21 09:55:14 ----D---- C:\Users\Sabinka\AppData\Roaming\ICQ
2011-04-20 10:14:57 ----D---- C:\Users\Sabinka\AppData\Roaming\Mozilla
2011-04-20 09:49:42 ----D---- C:\Windows\SYSWOW64\NV
2011-04-20 09:49:41 ----D---- C:\Windows\system32\NV
2011-04-20 09:44:37 ----A---- C:\Windows\system32\MRT.exe
2011-04-20 09:44:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-19 19:20:24 ----D---- C:\Windows\Prefetch
2011-04-19 10:36:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-04-19 06:49:04 ----SD---- C:\Users\Sabinka\AppData\Roaming\Microsoft
2011-04-19 06:49:04 ----D---- C:\Users\Sabinka\AppData\Roaming\Adobe
2011-04-19 06:48:17 ----D---- C:\Program Files (x86)\Common Files
2011-04-19 06:48:17 ----D---- C:\Program Files (x86)\Adobe
2011-04-15 18:12:43 ----D---- C:\Windows\Microsoft.NET
2011-04-15 17:43:47 ----D---- C:\Users\Sabinka\AppData\Roaming\Skype
2011-04-15 17:42:57 ----D---- C:\Users\Sabinka\AppData\Roaming\SkypePM
2011-04-14 19:55:07 ----D---- C:\Windows\system32\Boot
2011-04-14 19:32:20 ----D---- C:\ProgramData\Microsoft Help
2011-04-13 08:07:00 ----D---- C:\Users\Sabinka\AppData\Roaming\Ashampoo
2011-04-11 14:44:11 ----D---- C:\Windows\system32\wdi
2011-04-09 18:37:57 ----D---- C:\ProgramData\hps
2011-04-06 16:06:47 ----A---- C:\Windows\ATKPF.ini
2011-03-28 14:40:53 ----D---- C:\Users\Sabinka\AppData\Roaming\Zoner
2011-03-24 20:15:59 ----RD---- C:\Program Files (x86)\Skype
2011-03-24 20:08:13 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-04-18 31064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-04-18 600920]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-04-18 287064]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-04-18 53592]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-29 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-04-18 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-04-18 64344]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-10 2222624]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-21 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2010-08-24 74320]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2010-08-24 13392]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 63568]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 57936]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-07-08 211432]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-07-29 58488]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 windrvNT;windrvNT; \??\C:\Windows\syswow64\windrvNT.sys [2011-03-29 35363]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-04-18 42184]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-06-22 159336]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-06-22 1616488]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2011-04-23 948775]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2010-04-06 244904]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-07-31 192368]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 135664]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 357456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-21 1255736]

-----------------EOF-----------------


ckfiles.txt

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11
----- EOF -----

Re: Presmerování ve vyhledavaci

Napsal: 23 dub 2011 18:00
od vyosek
:arrow: Stahnete OTL (viz muj podpis) a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Re: Presmerování ve vyhledavaci

Napsal: 25 dub 2011 06:42
od tisic
Snad jsem to provedl spravne.

OTL.txt


OTL logfile created on: 25.4.2011 7:16:33 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sabinka\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 74,10 Gb Free Space | 63,64% Space Free | Partition Type: NTFS
Drive D: | 329,79 Gb Total Space | 307,29 Gb Free Space | 93,18% Space Free | Partition Type: NTFS

Computer Name: SABINKA-PC | User Name: Sabinka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.04.25 07:10:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sabinka\Desktop\OTL.exe
PRC - [2011.04.23 13:32:59 | 003,318,784 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2011.04.23 13:32:59 | 002,557,440 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2011.04.18 19:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.04.18 19:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.04.13 02:51:02 | 001,004,088 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011.03.18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
PRC - [2011.03.18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2011.03.09 14:30:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011.03.09 14:30:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010.08.24 06:50:17 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010.06.22 21:38:14 | 001,616,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010.04.05 20:11:26 | 000,144,688 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
PRC - [2010.04.05 20:10:36 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
PRC - [2010.01.13 18:19:42 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.01.13 18:11:52 | 007,109,248 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.01.05 22:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.12.02 23:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009.12.02 23:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009.11.24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.11.02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.10.01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.10.01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.16 02:34:34 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.08.12 21:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
PRC - [2009.08.01 02:36:14 | 002,680,160 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2009.07.31 22:23:22 | 000,354,128 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe
PRC - [2009.07.31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.07.06 23:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009.06.08 23:34:58 | 000,660,808 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2009.06.04 00:33:14 | 000,308,552 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2009.04.04 03:17:42 | 000,447,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008.07.24 20:24:24 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (SafeList) ==========

MOD - [2011.04.25 07:10:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sabinka\Desktop\OTL.exe
MOD - [2011.04.18 19:25:09 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010.06.22 19:04:59 | 000,101,992 | ---- | M] (NVIDIA Corporation) -- c:\Windows\SysWOW64\nvinit.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.04.18 19:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.10.28 12:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009.09.17 20:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.08.06 23:17:46 | 000,118,672 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.04.23 13:32:59 | 000,948,775 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011.03.18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2011.03.09 14:30:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.06.22 21:38:14 | 001,616,488 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.12.02 23:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009.12.02 23:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009.10.01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.10.01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.07.31 06:20:36 | 000,192,368 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.04.18 19:13:13 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.02.11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.08.24 19:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010.08.24 19:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010.08.24 19:29:10 | 000,013,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2010.08.24 19:28:58 | 000,074,320 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2010.07.07 11:26:46 | 000,050,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2010.05.15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2010.02.27 01:32:11 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.03 15:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009.12.17 04:42:07 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.12.02 23:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009.12.02 23:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009.12.02 23:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009.12.02 23:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009.10.15 11:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009.10.05 03:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.09.04 07:39:07 | 000,062,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009.08.21 08:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.08.20 20:41:37 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009.08.06 23:17:34 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.07.29 05:02:10 | 000,081,768 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:64bit: - [2009.07.29 03:38:00 | 000,058,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2009.07.24 20:33:14 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
DRV:64bit: - [2009.07.21 03:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.07.08 06:39:08 | 000,211,432 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2009.06.19 19:00:26 | 000,094,336 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2009.06.19 18:59:32 | 000,050,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:64bit: - [2009.06.18 21:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009.06.17 21:01:04 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008.12.08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.03.29 12:13:33 | 000,035,363 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\windrvNT.sys -- (windrvNT)
DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-236230673-489465088-3278936597-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-236230673-489465088-3278936597-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-236230673-489465088-3278936597-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.novinky.cz/denni-tisk?sectio ... d=18439914
IE - HKU\S-1-5-21-236230673-489465088-3278936597-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-236230673-489465088-3278936597-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.8
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.11.21.3
FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=n ... t&hl=cs&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.04.23 15:17:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.24 20:08:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.22 06:48:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2011.04.20 10:14:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sabinka\AppData\Roaming\Mozilla\Extensions
[2011.04.20 10:14:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sabinka\AppData\Roaming\Mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2011.03.28 07:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sabinka\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.04.23 19:24:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sabinka\AppData\Roaming\Mozilla\Firefox\Profiles\akt6nuwr.default\extensions
[2010.12.19 20:09:35 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Users\Sabinka\AppData\Roaming\Mozilla\Firefox\Profiles\akt6nuwr.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2010.12.20 08:11:10 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\Sabinka\AppData\Roaming\Mozilla\Firefox\Profiles\akt6nuwr.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2011.04.25 07:09:06 | 000,001,047 | ---- | M] () -- C:\Users\Sabinka\AppData\Roaming\Mozilla\Firefox\Profiles\akt6nuwr.default\searchplugins\icqplugin.xml
[2011.03.24 20:16:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\SABINKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AKT6NUWR.DEFAULT\EXTENSIONS\{5C655500-E712-41E7-9349-CE462F844B19}.XPI
[2011.03.24 20:08:04 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011.03.24 20:08:06 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\heureka-cz.xml
[2011.03.24 20:08:06 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2011.03.05 19:02:33 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2011.03.24 20:08:06 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2011.03.24 20:08:06 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2011.03.24 20:08:06 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - Reg Error: Value error. File not found
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-236230673-489465088-3278936597-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-236230673-489465088-3278936597-1000..\Run: [swg] File not found
O4 - HKU\S-1-5-21-236230673-489465088-3278936597-1001..\Run: [C:!Users!Sabinka!AppData!Local!Google!Chrome!User Data_service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-236230673-489465088-3278936597-1001..\Run: [SpywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-236230673-489465088-3278936597-1001..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC)
O4 - HKU\S-1-5-21-236230673-489465088-3278936597-1001..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-236230673-489465088-3278936597-1000..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-236230673-489465088-3278936597-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/Shar ... vSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/Shar ... /cabsa.cab (Symantec RuFSI Utility Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~2\bandoo\bndhook.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.04.25 07:10:17 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Sabinka\Desktop\OTL.exe
[2011.04.23 19:01:35 | 000,000,000 | ---D | C] -- C:\Users\Sabinka\AppData\Roaming\Malwarebytes
[2011.04.23 19:01:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.04.23 19:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.23 19:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.23 19:01:25 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.04.23 19:01:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.04.23 16:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
[2011.04.23 16:59:19 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsregexp.dll
[2011.04.23 16:59:12 | 000,104,448 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcommdb.dll
[2011.04.23 16:59:12 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcomm.dll
[2011.04.23 16:59:09 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vswmi.dll
[2011.04.23 16:59:08 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zpeng25.dll
[2011.04.23 16:59:08 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsxml.dll
[2011.04.23 16:59:07 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vspubapi.dll
[2011.04.23 16:59:07 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsdata.dll
[2011.04.23 16:59:07 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsmonapi.dll
[2011.04.23 16:59:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs
[2011.04.23 16:59:03 | 000,458,840 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysNative\drivers\vsdatant.sys
[2011.04.23 16:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs
[2011.04.23 16:57:46 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2011.04.23 16:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2011.04.23 16:57:45 | 000,715,264 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsutil.dll
[2011.04.23 16:57:45 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsinit.dll
[2011.04.23 15:55:32 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2011.04.23 15:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.04.23 15:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011.04.23 15:17:36 | 000,287,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.04.23 15:17:36 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.04.23 15:17:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.04.23 15:17:35 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.04.23 15:17:34 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.04.23 15:17:18 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.04.23 15:17:18 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.04.23 15:17:18 | 000,064,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.04.23 15:17:07 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.04.23 15:17:07 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.04.23 15:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.04.23 15:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.04.23 14:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.04.23 14:53:46 | 000,000,000 | ---D | C] -- C:\rsit
[2011.04.23 13:32:59 | 000,000,000 | ---D | C] -- C:\Users\Sabinka\AppData\Roaming\Spyware Terminator
[2011.04.23 13:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator
[2011.04.23 13:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2011.04.23 13:32:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2011.04.23 11:32:55 | 000,000,000 | ---D | C] -- C:\Users\Sabinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cooliris
[2011.04.23 11:32:55 | 000,000,000 | ---D | C] -- C:\Users\Sabinka\AppData\Local\Cooliris
[2011.04.22 18:43:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.04.22 18:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011.04.22 10:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QIP 2010
[2011.04.20 09:43:27 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.04.20 09:43:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.04.19 10:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.04.19 10:36:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.5
[2011.04.19 06:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.04.19 06:45:18 | 000,000,000 | ---D | C] -- C:\Users\Sabinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2011.03.23 11:02:23 | 009,319,112 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2008.08.12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.04.25 07:10:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sabinka\Desktop\OTL.exe
[2011.04.25 07:07:53 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.25 07:07:53 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.25 07:03:26 | 000,004,608 | ---- | M] () -- C:\Users\Sabinka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.25 07:00:41 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.25 07:00:40 | 000,000,310 | -HS- | M] () -- C:\Windows\tasks\fdwqz.job
[2011.04.25 07:00:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.25 07:00:10 | 3055,706,112 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.23 19:25:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.23 19:07:04 | 000,002,360 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011.04.23 17:02:16 | 000,001,415 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011.04.23 17:01:30 | 000,446,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.23 16:59:32 | 000,420,800 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2011.04.23 15:35:37 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.04.23 15:17:36 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.04.23 15:17:18 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.04.23 14:06:36 | 001,447,246 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.23 14:06:36 | 000,623,104 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.04.23 14:06:36 | 000,607,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.23 14:06:36 | 000,118,996 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.04.23 14:06:36 | 000,103,754 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.23 13:33:13 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2011.04.22 10:50:46 | 000,216,005 | ---- | M] () -- C:\Users\Sabinka\Desktop\Neuvěřitelných 159 KČ za MASOVÉ HODY! Hostina pro 2–3 osoby za VEPŘOVÉ KOLENO o váze 1,5kg + 6 pikantních KŘIDÝLEK 0,5kg + výpe.pdf
[2011.04.22 06:51:13 | 002,107,950 | ---- | M] () -- C:\Users\Sabinka\Desktop\Recept - moucnik MISA.pdf
[2011.04.21 13:33:35 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2011.04.21 12:42:30 | 000,000,660 | ---- | M] () -- C:\Users\Sabinka\Desktop\Restartovat za 0.00.05.lnk
[2011.04.21 11:00:06 | 000,080,384 | RHS- | M] () -- C:\Windows\SysWow64\iTVData0.dll
[2011.04.19 11:11:33 | 000,000,936 | ---- | M] () -- C:\Users\Sabinka\AppData\Local\SRDownloader.nast
[2011.04.19 10:41:01 | 000,000,542 | ---- | M] () -- C:\Users\Sabinka\Desktop\Vypinac.lnk
[2011.04.19 10:37:20 | 000,001,826 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.04.19 09:49:13 | 000,004,271 | ---- | M] () -- C:\Users\Sabinka\AppData\Local\SRDownloader.err
[2011.04.19 06:45:18 | 000,001,266 | ---- | M] () -- C:\Users\Sabinka\Desktop\Revo Uninstaller.lnk
[2011.04.18 19:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.04.18 19:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.04.18 19:25:00 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.04.18 19:18:01 | 000,287,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.04.18 19:17:59 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.04.18 19:16:23 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.04.18 19:13:24 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.04.18 19:13:13 | 000,064,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.04.18 19:13:01 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.04.23 16:59:07 | 000,420,800 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2011.04.23 15:17:36 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.04.23 15:17:18 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011.04.23 13:33:13 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2011.04.22 10:50:46 | 000,216,005 | ---- | C] () -- C:\Users\Sabinka\Desktop\Neuvěřitelných 159 KČ za MASOVÉ HODY! Hostina pro 2–3 osoby za VEPŘOVÉ KOLENO o váze 1,5kg + 6 pikantních KŘIDÝLEK 0,5kg + výpe.pdf
[2011.04.22 06:51:13 | 002,107,950 | ---- | C] () -- C:\Users\Sabinka\Desktop\Recept - moucnik MISA.pdf
[2011.04.21 13:33:35 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2011.04.21 12:42:30 | 000,000,660 | ---- | C] () -- C:\Users\Sabinka\Desktop\Restartovat za 0.00.05.lnk
[2011.04.21 11:00:06 | 000,080,384 | RHS- | C] () -- C:\Windows\SysWow64\iTVData0.dll
[2011.04.21 11:00:06 | 000,000,310 | -HS- | C] () -- C:\Windows\tasks\fdwqz.job
[2011.04.19 10:37:20 | 000,001,826 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.04.19 06:48:25 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.04.19 06:48:25 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.04.08 11:43:29 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.03.29 12:03:59 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\suppdll.dll
[2011.03.29 12:03:59 | 000,035,363 | ---- | C] () -- C:\Windows\SysWow64\windrvNT.sys
[2011.02.11 19:15:08 | 000,874,048 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011.02.06 19:04:09 | 000,004,608 | ---- | C] () -- C:\Users\Sabinka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.29 15:26:48 | 000,004,271 | ---- | C] () -- C:\Users\Sabinka\AppData\Local\SRDownloader.err
[2011.01.29 13:53:13 | 000,000,936 | ---- | C] () -- C:\Users\Sabinka\AppData\Local\SRDownloader.nast
[2011.01.03 12:48:12 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010.12.23 16:21:12 | 003,064,794 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.19 20:39:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.08.25 20:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.08.25 20:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.08.24 06:41:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.08.24 06:15:57 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.02.09 09:07:38 | 000,020,480 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2010.02.09 09:07:38 | 000,000,269 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009.10.26 05:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009.07.29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008.12.02 03:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2006.05.19 21:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== LOP Check ==========

[2011.03.29 12:14:42 | 000,000,000 | -HSD | M] -- C:\Users\Sabinka\AppData\Roaming\.#
[2011.04.13 08:07:00 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Ashampoo
[2010.12.19 21:08:01 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Asus WebStorage
[2011.02.06 15:47:35 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Bandoo
[2011.03.22 20:16:59 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Canon
[2010.12.21 11:31:55 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\ESET
[2011.04.21 09:55:14 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\ICQ
[2011.03.23 08:34:23 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Leadertech
[2010.12.30 21:37:59 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Marine Aquarium 3
[2010.12.19 22:30:23 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\OpenOffice.org
[2011.01.18 13:36:55 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\PDF Writer
[2011.03.15 23:33:45 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\SoftGrid Client
[2011.04.25 06:58:12 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Spyware Terminator
[2011.03.28 07:11:12 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\TomTom
[2010.12.23 16:22:08 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\TP
[2011.03.28 14:40:53 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Zoner
[2011.04.25 07:00:40 | 000,000,310 | -HS- | M] () -- C:\Windows\Tasks\fdwqz.job
[2011.03.26 13:42:03 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Syncables" = C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe -- [2010.04.05 20:10:36 | 000,370,480 | ---- | M] (syncables, LLC)
"TomTomHOME.exe" = "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -- [2011.03.09 14:30:08 | 000,247,728 | ---- | M] (TomTom)
"C:!Users!Sabinka!AppData!Local!Google!Chrome!User Data_service_run" = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service -- [2011.04.13 02:51:02 | 001,004,088 | ---- | M] (Google Inc.)
"SpywareTerminatorUpdate" = "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" -- [2011.04.23 13:32:59 | 003,318,784 | ---- | M] (Crawler.com)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.03.29 12:14:42 | 000,000,000 | -HSD | M] -- C:\Users\Sabinka\AppData\Roaming\.#
[2011.04.19 06:49:04 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Adobe
[2011.04.13 08:07:00 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Ashampoo
[2010.12.19 21:08:01 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Asus WebStorage
[2011.01.15 15:05:53 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\AVS4YOU
[2011.02.06 15:47:35 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Bandoo
[2011.03.22 20:16:59 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Canon
[2011.01.29 14:17:32 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\CyberLink
[2011.01.30 10:22:27 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\dvdcss
[2010.12.21 11:31:55 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\ESET
[2010.12.22 09:51:40 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Google
[2011.04.21 09:55:14 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\ICQ
[2010.12.19 18:35:32 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Identities
[2011.03.23 08:34:23 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Leadertech
[2011.03.23 08:33:00 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Logishrd
[2011.03.23 08:34:29 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Logitech
[2010.12.19 19:38:06 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Macromedia
[2011.04.23 19:01:35 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Malwarebytes
[2010.12.30 21:37:59 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Marine Aquarium 3
[2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Media Center Programs
[2011.03.28 09:23:47 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Media Player Classic
[2011.04.19 06:49:04 | 000,000,000 | --SD | M] -- C:\Users\Sabinka\AppData\Roaming\Microsoft
[2011.04.20 10:14:57 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Mozilla
[2011.04.08 09:59:34 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\NVIDIA
[2010.12.19 22:30:23 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\OpenOffice.org
[2011.01.18 13:36:55 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\PDF Writer
[2011.04.15 17:43:47 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Skype
[2011.04.15 17:42:57 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\SkypePM
[2011.03.15 23:33:45 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\SoftGrid Client
[2011.04.25 06:58:12 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Spyware Terminator
[2011.03.28 07:11:12 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\TomTom
[2010.12.23 16:22:08 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\TP
[2011.03.13 23:22:38 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\vlc
[2011.03.27 08:57:52 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\WinRAR
[2011.03.28 14:40:53 | 000,000,000 | ---D | M] -- C:\Users\Sabinka\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011.03.23 08:34:22 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Sabinka\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.06.06 23:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2010.08.24 06:19:44 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.08.24 06:08:11 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2010.08.24 06:19:44 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.08.24 06:08:11 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.08.24 06:19:44 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.08.24 06:08:11 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.08.24 06:19:44 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010.08.24 06:08:11 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2009.12.17 04:42:07 | 000,538,136 | ---- | M] (Intel Corporation) MD5=42E00996DFC13C46366689C0EA8ABC5E -- C:\eSupport\eDriver\Software\IRST\64\IASTOR.SYS
[2009.12.17 04:42:07 | 000,538,136 | ---- | M] (Intel Corporation) MD5=42E00996DFC13C46366689C0EA8ABC5E -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.12.17 04:42:07 | 000,538,136 | ---- | M] (Intel Corporation) MD5=42E00996DFC13C46366689C0EA8ABC5E -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_f26ae7769ab43067\iaStor.sys
[2009.12.17 04:25:25 | 000,433,176 | ---- | M] (Intel Corporation) MD5=8CDACD4AD63D49834C6B59DB102E7CD7 -- C:\eSupport\eDriver\Software\IRST\32\IASTOR.SYS

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\drivers\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\drivers\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\drivers\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.08.24 06:19:44 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.08.24 06:19:44 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

Re: Presmerování ve vyhledavaci

Napsal: 25 dub 2011 06:44
od tisic
< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2011.04.21 11:00:06 | 000,080,384 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\SysWOW64\iTVData0.dll

< %systemroot%\Tasks\*.job /lockedfiles >
[2011.04.25 07:00:40 | 000,000,310 | -HS- | M] () Unable to obtain MD5 -- C:\Windows\Tasks\fdwqz.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2011.04.21 11:00:06 | 000,080,384 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\SysWOW64\iTVData0.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.04.23 15:17:18 | 000,000,000 | ---- | M] () -- C:\Windows\SysWOW64\config.nt
[2011.04.25 07:00:43 | 000,000,018 | ---- | M] () -- C:\Windows\SysWOW64\log.txt

========== Alternate Data Streams ==========

@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:9B52F176
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2F370DA6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA

< End of report >

Re: Presmerování ve vyhledavaci

Napsal: 25 dub 2011 06:46
od tisic
Extras.txt

OTL Extras logfile created on: 25.4.2011 7:16:33 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sabinka\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 74,10 Gb Free Space | 63,64% Space Free | Partition Type: NTFS
Drive D: | 329,79 Gb Total Space | 307,29 Gb Free Space | 93,18% Space Free | Partition Type: NTFS

Computer Name: SABINKA-PC | User Name: Sabinka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-236230673-489465088-3278936597-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Schlecker\FOTOSVET Schlecker 3\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FOTOSVET Schlecker 3] -- "C:\Program Files (x86)\Schlecker\FOTOSVET Schlecker 3\FOTOSVET Schlecker 3.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Schlecker\FOTOSVET Schlecker 3\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FOTOSVET Schlecker 3] -- "C:\Program Files (x86)\Schlecker\FOTOSVET Schlecker 3\FOTOSVET Schlecker 3.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series" = Canon MP190 series MP Drivers
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90140000-006D-0405-1000-0000000FF1CE}" = Microsoft Office Klikni a spusť 2010
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}" = Windows Live Zabezpečení rodiny
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.2.0.1304
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"sp6" = Logitech SetPoint 6.20

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}" = Windows Live Essentials
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11386547}" = Farm Frenzy
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}" = Piggly FREE
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}" = Smileyville FREE
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140011-0066-0405-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - čeština
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A13DE9CB-8C84-4889-B114-C5A9661F844E}" = Windows Live Fotogalerie
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Czech
"{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate
"{B653A2EC-D816-4498-A4FD-651047AB9DC9}" = Boingo Wi-Fi
"{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}" = syncables desktop SE
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1" = Game Park Console
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CF22161D-0E1B-489E-BBC8-684055836FE9}" = Windows Live Toolbar
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB4F9000-04FC-11E0-85D2-001AA037B01E}" = Google Earth Plug-in
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS WebStorage" = ASUS WebStorage
"ASUS_N_Series_Screensaver" = ASUS_N_Series_Screensaver
"avast" = avast! Free Antivirus
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DirectVobSub" = DirectVobSub (remove only)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FOTOSVET Schlecker 3" = FOTOSVET Schlecker 3
"Google Chrome" = Google Chrome
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"Guitar Pro 5_is1" = Guitar Pro 5.2
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"Kubik SMS DreamCom_is1" = Kubik SMS DreamCom 5.89
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox 4.0 (x86 cs)" = Mozilla Firefox 4.0 (x86 cs)
"MP Navigator EX 1.2" = Canon MP Navigator EX 1.2
"NVIDIA.Updatus" = NVIDIA Updatus
"Office14.Click2Run" = Microsoft Office Klikni a spusť 2010
"Registrace uživatele zařízení Canon MP190 series" = Registrace uživatele zařízení Canon MP190 series
"Revo Uninstaller" = Revo Uninstaller 1.92
"Spyware Terminator_is1" = Spyware Terminator
"Tomb Raider: Legend" = Tomb Raider: Legend 1.2
"TomTom HOME" = TomTom HOME 2.8.1.2218
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zimní Hrátky" = Zimní Hrátky
"ZoneAlarm" = ZoneAlarm

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-236230673-489465088-3278936597-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"LastPass" = LastPass (odinstalace)
"QIP 2010" = QIP 2010 3.1.5384

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Re: Presmerování ve vyhledavaci

Napsal: 25 dub 2011 07:00
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl

IE - HKU\S-1-5-21-236230673-489465088-3278936597-1001\..\URLSearchHook: - Reg Error: Key error. File not found
FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=cs&q="
File not found (No name found) --
() (No name found) -- C:\USERS\SABINKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AKT6NUWR.DEFAULT\EXTENSIONS\{5C655500-E712-41E7-9349-CE462F844B19}.XPI
O4 - HKU\S-1-5-21-236230673-489465088-3278936597-1000..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (c:\progra~2\bandoo\bndhook.dll) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[2011.04.21 11:00:06 | 000,080,384 | RHS- | C] () -- C:\Windows\SysWow64\iTVData0.dll
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:9B52F176
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2F370DA6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA



:reg

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"=-
"UpdatePSTShortCut"=-
"UpdateLBPShortCut"=-
"UpdateP2GoShortCut"=-
"Adobe ARM"=-
"Adobe Reader Speed Launcher"=-
 

:files
C:\Windows\tasks\fdwqz.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

%windir%\system32\*.tmp.dll /s

%windir%\system32\SET*.tmp /s

%windir%\*.tmp /s



:commands

[RESETHOSTS]

[EMPTYTEMP]

[EMPTYFLASH]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Presmerování ve vyhledavaci

Napsal: 25 dub 2011 07:12
od tisic
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-236230673-489465088-3278936597-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "http://www.google.com/search?sourceid=n ... t&hl=cs&q=" removed from keyword.URL
Registry value HKEY_USERS\S-1-5-21-236230673-489465088-3278936597-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\bandoo\bndhook.dll deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\Windows\SysNative\drivers\~GLH0023.TMP deleted successfully.
C:\Windows\SysWOW64\iTVData0.dll moved successfully.
ADS C:\ProgramData\Temp:9B52F176 deleted successfully.
ADS C:\ProgramData\Temp:2F370DA6 deleted successfully.
ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.
ADS C:\ProgramData\Temp:115CEE00 deleted successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdate deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl9 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdatePSTShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
========== FILES ==========
C:\Windows\tasks\fdwqz.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14A9.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D65.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5FAF.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBC5C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE060.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEFA5.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1D70.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3CE3.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC066.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE4C0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows Live\Toolbar\Feeds\rss115F.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows Live\Toolbar\Feeds\rss11EC.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows Live\Toolbar\Feeds\rssFD8.tmp moved successfully.
File move failed. C:\Windows\Temp\ZLT02ad6.TMP scheduled to be moved on reboot.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Sabinka
->Temp folder emptied: 21345586 bytes
->Temporary Internet Files folder emptied: 1326193 bytes
->FireFox cache emptied: 89695274 bytes
->Google Chrome cache emptied: 46780979 bytes
->Flash cache emptied: 3975 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 52879 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85315 bytes
RecycleBin emptied: 185071996 bytes

Total Files Cleaned = 328,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Sabinka
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04252011_080631

Files\Folders moved on Reboot...
File\Folder C:\Windows\Temp\ZLT02ad6.TMP not found!
C:\Users\Sabinka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sabinka\AppData\Local\Temp\~DF58BEC014BB53F956.TMP moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Presmerování ve vyhledavaci

Napsal: 25 dub 2011 08:06
od tisic
Zkousel jsem hledani v Google, zatim se zda ze je to v poradku.

Re: Presmerování ve vyhledavaci

Napsal: 25 dub 2011 19:28
od vyosek
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner (viz muj podpis)
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za 14 dni

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :turned:

Re: Presmerování ve vyhledavaci

Napsal: 26 dub 2011 06:48
od tisic
Chtel bych vyjadrit svuj obdiv a diky za pomoc. :worship:

Re: Presmerování ve vyhledavaci

Napsal: 26 dub 2011 08:03
od vyosek
Za obdiv tedy dekuji :oops:

Jinak za pomoc nemate zac, rad jsem pomohl :) Zase nekdy navidenou :turned:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz