
Facebook Chat Vir (Log)

Napsal: 20 srp 2011 18:37
od JeyDee
Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2011-08-20 19:34:07
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 144 GB (60%) free of 238 GB
Total RAM: 2813 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:34:16, on 20.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Windows\update.tray-2-0\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Windows\l1rezerv.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Uživatel\Downloads\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
O4 - HKLM\..\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-2-0\svchost.exe
O4 - HKLM\..\Run: [8304816.exe] "C:\Windows\Temp\8304816.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [6084512.exe] "C:\Users\Uživatel\AppData\Local\Temp\6084512.exe"
O4 - HKLM\..\Run: [6097584.exe] "C:\Windows\Temp\6097584.exe"
O4 - HKLM\..\Run: [4282020.exe] "C:\Windows\Temp\4282020.exe"
O4 - HKLM\..\Run: [57868644-loader2.exe] "C:\Windows\Temp\57868644-loader2.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\Windows\l1rezerv.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ddservice - Unknown owner - C:\Windows\update.7.1\svchostdriver.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Aktualizátor aplikace Scrybe (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: srvbtcclient - Unknown owner - C:\Windows\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\STacSV.exe
O23 - Service: wxpdrivers - Unknown owner - C:\Windows\update.1\svchost.exe

--
End of file - 11820 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\vxll5oq5.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT22690 ... hSource=13"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... YYYYYCZ&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
ssldivx.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\vxll5oq5.default\extensions\
engine@conduit.com
fastdial@telega.phpnet.us
fbdislike@doweb.fr
toolbar@ask.com
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\vxll5oq5.default\searchplugins\
askcom.xml
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2010-06-02 777392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-25 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2009-07-23 98576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\IEPro\IEProRecorder.dll [2010-06-02 662736]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-08-05 458844]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-31 2221352]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 288312]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2009-07-30 354360]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 153640]
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 400936]
"CognizanceTS"=C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2009-07-23 24848]
"wxpdrv"=C:\Windows\services32.exe []
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-2-0\svchost.exe [2011-08-19 1215488]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"8304816.exe"=C:\Windows\Temp\8304816.exe []
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-08-20 258048]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe rezerv []
"6084512.exe"=C:\Users\Uživatel\AppData\Local\Temp\6084512.exe []
"6097584.exe"=C:\Windows\Temp\6097584.exe [2011-08-20 632832]
"4282020.exe"=C:\Windows\Temp\4282020.exe []
"57868644-loader2.exe"=C:\Windows\Temp\57868644-loader2.exe []
"l1rezerv.exe"=C:\Windows\l1rezerv.exe [2011-08-20 232960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files\PDF Complete\pdfsty.exe [2009-06-18 563736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-05-26 15147400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-29 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kaspersky Security Scan.lnk]
C:\Program Files\Kaspersky Security Scan\KSS.exe /hidden []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
C:\Windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2011-07-25 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uživatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ProgSense.lnk]
C:\Program Files\ProgSense\progsense.exe /StartRun []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\Windows\system32\DeviceNP.dll [2009-06-29 75320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Users\Uživatel\Downloads\Flash-Player.exe"="C:\Users\Uživatel\Downloads\Flash-Player.exe:*:Enabled:C:\Users\Uživatel\Downloads\Flash-Player.exe"
"C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
"C:\Windows\update.tray-2-0\svchost.exe"="C:\Windows\update.tray-2-0\svchost.exe:*:Enabled:C:\Windows\update.tray-2-0\svchost.exe"
"C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.ffds"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-20 19:34:07 ----D---- C:\rsit
2011-08-20 19:34:07 ----D---- C:\Program Files\trend micro
2011-08-20 19:31:39 ----A---- C:\Windows\system32\lsdelete.exe
2011-08-20 19:31:20 ----AH---- C:\aaw7boot.cmd
2011-08-20 14:20:46 ----A---- C:\Windows\system32\rp_stats.dat
2011-08-20 14:20:46 ----A---- C:\Windows\system32\rp_rules.dat
2011-08-20 14:20:26 ----DC---- C:\Windows\system32\DRVSTORE
2011-08-20 14:20:26 ----A---- C:\Windows\system32\drivers\Lbd.sys
2011-08-20 14:20:25 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2011-08-20 14:13:33 ----HDC---- C:\ProgramData\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
2011-08-20 14:13:24 ----D---- C:\ProgramData\Lavasoft
2011-08-20 14:13:24 ----D---- C:\Program Files\Lavasoft
2011-08-20 13:37:35 ----D---- C:\Windows\ufa
2011-08-20 13:37:35 ----D---- C:\Windows\rpcminer
2011-08-20 13:37:35 ----D---- C:\Windows\phoenix
2011-08-20 13:36:05 ----N---- C:\Windows\l1rezerv.exe
2011-08-20 13:35:49 ----A---- C:\Windows\btc_client_iplist.txt
2011-08-20 13:35:22 ----HD---- C:\Windows\update.5.0
2011-08-20 13:34:51 ----A---- C:\Windows\iecheck_iplist.txt
2011-08-20 13:34:25 ----HD---- C:\Windows\update.2
2011-08-20 13:33:50 ----HD---- C:\Windows\update.7.1
2011-08-20 13:31:42 ----A---- C:\Windows\unrar.exe
2011-08-20 13:30:24 ----A---- C:\Windows\iplist.txt
2011-08-20 13:29:55 ----N---- C:\Windows\sysdriver32.exe
2011-08-20 13:29:39 ----D---- C:\Windows\av_ico
2011-08-20 13:29:38 ----A---- C:\Windows\front_ip_list.txt
2011-08-20 00:04:29 ----HD---- C:\Windows\update.1
2011-08-20 00:04:28 ----HD---- C:\Windows\update.tray-2-0-lnk
2011-08-20 00:04:28 ----HD---- C:\Windows\update.tray-2-0
2011-08-19 23:54:17 ----A---- C:\Windows\winlog-ids.txt
2011-08-19 23:54:17 ----A---- C:\Windows\winlog-dirs.txt
2011-08-15 19:12:03 ----D---- C:\Program Files\Free MP3 Cutter
2011-08-14 22:19:31 ----A---- C:\Windows\system32\xmllite.dll
2011-08-14 22:19:13 ----A---- C:\Windows\system32\kernel32.dll
2011-08-14 22:19:13 ----A---- C:\Windows\system32\conhost.exe
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-14 22:19:12 ----A---- C:\Windows\system32\winsrv.dll
2011-08-14 22:19:12 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-14 22:18:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-14 22:18:57 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-14 22:18:48 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-14 22:18:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-14 22:18:22 ----A---- C:\Windows\system32\iertutil.dll
2011-08-14 22:18:19 ----A---- C:\Windows\system32\mshtml.dll
2011-08-14 22:18:19 ----A---- C:\Windows\system32\ieframe.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\wininet.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\urlmon.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\url.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\ieui.dll
2011-08-14 22:18:16 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-14 22:16:53 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-14 22:16:53 ----A---- C:\Windows\system32\odbcjt32.dll
2011-08-14 22:16:53 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-14 22:16:53 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-14 22:16:53 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-02 05:21:30 ----D---- C:\Windows\pss
2011-08-02 05:19:03 ----D---- C:\Program Files\SpeedFan
2011-08-02 04:51:27 ----D---- C:\WindowsOffBackup
2011-08-02 04:50:24 ----A---- C:\Windows\KMSAct.exe
2011-07-30 16:54:47 ----D---- C:\Users\Uživatel\AppData\Roaming\Leadertech
2011-07-30 16:45:27 ----D---- C:\Program Files\Atari
2011-07-30 16:44:41 ----D---- C:\Program Files\Common Files\InstallShield
2011-07-27 04:50:26 ----D---- C:\Program Files\Counter-Strike 1.6 & Half-Life
2011-07-25 04:00:05 ----D---- C:\Program Files\Polda 5
2011-07-25 03:33:59 ----D---- C:\Program Files\EA GAMES
2011-07-25 03:29:14 ----D---- C:\Users\Uživatel\AppData\Roaming\Synaptics
2011-07-25 03:24:36 ----D---- C:\ProgramData\Synaptics
2011-07-25 03:24:23 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2011-07-25 03:24:22 ----A---- C:\Windows\system32\SynTPCo9.dll
2011-07-25 03:24:22 ----A---- C:\Windows\system32\SynTPAPI.dll
2011-07-25 03:24:22 ----A---- C:\Windows\system32\SynCtrl.dll
2011-07-25 03:24:22 ----A---- C:\Windows\system32\SynCOM.dll
2011-07-25 03:24:22 ----A---- C:\Windows\system32\drivers\SynTP.sys
2011-07-25 02:36:41 ----D---- C:\Program Files\PowerISO
2011-07-25 01:49:50 ----D---- C:\ProgramData\Sun
2011-07-25 01:49:50 ----D---- C:\Program Files\Common Files\Java
2011-07-25 01:49:31 ----A---- C:\Windows\system32\javaws.exe
2011-07-25 01:49:31 ----A---- C:\Windows\system32\javaw.exe
2011-07-25 01:49:31 ----A---- C:\Windows\system32\java.exe
2011-07-25 01:49:31 ----A---- C:\Windows\system32\deployJava1.dll
2011-07-25 01:49:14 ----D---- C:\Program Files\Java

======List of files/folders modified in the last 1 month======

2011-08-20 19:34:14 ----D---- C:\Windows\Temp
2011-08-20 19:34:08 ----D---- C:\Windows\Prefetch
2011-08-20 19:34:07 ----RD---- C:\Program Files
2011-08-20 19:32:10 ----D---- C:\Windows\System32
2011-08-20 19:31:34 ----D---- C:\Windows
2011-08-20 19:31:20 ----D---- C:\Windows\Tasks
2011-08-20 14:35:37 ----D---- C:\Windows\system32\config
2011-08-20 14:28:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-20 14:20:31 ----D---- C:\Windows\system32\Tasks
2011-08-20 14:20:26 ----D---- C:\Windows\system32\drivers
2011-08-20 14:20:26 ----D---- C:\Windows\system32\catroot
2011-08-20 14:13:33 ----SHD---- C:\Windows\Installer
2011-08-20 14:13:33 ----HD---- C:\ProgramData
2011-08-20 14:13:32 ----SHD---- C:\Config.Msi
2011-08-20 14:13:09 ----D---- C:\Windows\winsxs
2011-08-20 13:34:51 ----D---- C:\Windows\system32\drivers\etc
2011-08-19 15:22:54 ----SHD---- C:\System Volume Information
2011-08-15 18:14:22 ----D---- C:\Windows\Microsoft.NET
2011-08-15 18:14:21 ----RSD---- C:\Windows\assembly
2011-08-15 08:28:26 ----D---- C:\Windows\system32\migration
2011-08-15 08:28:26 ----D---- C:\Program Files\Internet Explorer
2011-08-15 08:01:16 ----A---- C:\Windows\system32\MRT.exe
2011-08-15 08:00:39 ----D---- C:\ProgramData\Microsoft Help
2011-08-14 22:19:18 ----D---- C:\ProgramData\PDFC
2011-08-14 22:18:03 ----D---- C:\Windows\system32\catroot2
2011-08-04 23:42:10 ----SD---- C:\ProgramData\Microsoft
2011-08-04 23:18:27 ----D---- C:\Users\Uživatel\AppData\Roaming\WTablet
2011-08-04 19:37:22 ----D---- C:\Users\Uživatel\AppData\Roaming\Skype
2011-08-04 19:36:54 ----D---- C:\ProgramData\Easybits GO
2011-08-04 19:31:51 ----D---- C:\ProgramData\Skype Extras
2011-08-04 19:21:51 ----D---- C:\Users\Uživatel\AppData\Roaming\go
2011-07-30 16:45:29 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-30 16:44:41 ----D---- C:\Program Files\Common Files
2011-07-28 00:30:42 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-07-25 03:26:47 ----D---- C:\Windows\inf
2011-07-25 03:26:39 ----D---- C:\Windows\system32\DriverStore
2011-07-25 03:24:36 ----D---- C:\Program Files\Synaptics

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 14392]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2011-04-26 64512]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2009-07-29 109216]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2009-07-29 51408]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2009-07-29 12960]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2009-07-29 12528]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 4994560]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-04-07 2661368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-04-26 15232]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-07-02 1765168]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-08-05 409088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-31 1335472]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2009-05-20 13736]
R3 WacomVKHid;Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\WacomVKHid.sys [2007-02-16 11440]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv.sys [2009-06-29 32312]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2009-01-30 15656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\aestsrv.exe [2009-03-02 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 176128]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ddservice;ddservice; C:\Windows\update.7.1\svchostdriver.exe [2011-08-20 382464]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-07-29 256544]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 26168]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 ScrybeUpdater;Aktualizátor aplikace Scrybe; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
R2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe [2011-08-20 348672]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-08-20 632832]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-08-20 258048]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\STacSV.exe [2009-08-05 221266]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-17 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\Windows\system32\flcdlock.exe [2009-06-29 362040]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-27 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-17 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-07 1343400]
S4 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [2009-07-15 4408616]
S4 WTouchService;WTouch Service; C:\Program Files\WTouch\WTouchService.exe [2009-07-15 112936]

-----------------EOF-----------------


Díky za pomoc =]

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 00:08
od Caroprd111
Zdravím a vítám vás na našem bezpečnostním fóru viry.cz :welcome:

Můj nick je Caroprd111. Budu se vám v tomto topicu věnovat a snažit se odstranit všechny vaše problémy s počítačem. :)
Než začneme, přečtěte si prosím následující poznámky.
  • Pokud zálohu nemáte, zálohujte si všechna důležitá data. Infikovaný počítač je nevyzpytatelný.
  • Důsledně a pečlivě si přečtěte celý postup, poté pokračujte po jednotlivých krocích.
  • Prosím, nespouštějte žádné další programy na vlastní pěst, zejména ComboFix. Zbytečně tím můžete zkomplikovat odvirování, dokonce i znefunkčnit systém.
  • Absence příznaků nemusí vždy znamenat, že je počítač čistý, proto vždy spolupracujte až do doby, než vám napíšu, že je počítač v pořádku.
  • V případě, že něčemu nerozumíte nebo si nejste jist, neváhejte se mě zeptat.
  • Pokud bude log dlouhý a nevejde se do jednoho příspěvku, rozdělte jej do více příspěvků.


:arrow: Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
  • Spusťte, poté do spodního políčka vložte následující skript.


 
safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
*crack*
*keygen*
  • Označte položku Pro všechny uživatele.
  • Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
  • Klikněte na tlačítko Prohledat
  • Po dokončení sem vložte logy OTL.Txt a Extras.txt

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 12:05
od JeyDee
OTL logfile created on: 21.8.2011 12:44:59 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Uživatel\Downloads
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 38,80% Memory free
5,49 Gb Paging File | 3,77 Gb Available in Paging File | 68,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 139,50 Gb Free Space | 59,93% Space Free | Partition Type: NTFS

Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.08.21 12:42:00 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL.exe
PRC - [2011.08.20 13:36:01 | 000,232,960 | ---- | M] () -- C:\Windows\l1rezerv.exe
PRC - [2011.08.20 13:35:21 | 000,348,672 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.08.20 13:34:24 | 000,632,832 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.08.20 13:34:24 | 000,632,832 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.08.20 13:33:49 | 000,382,464 | ---- | M] () -- C:\Windows\update.7.1\svchostdriver.exe
PRC - [2011.08.20 13:29:52 | 000,258,048 | ---- | M] () -- C:\Windows\sysdriver32.exe
PRC - [2011.08.19 23:53:43 | 001,215,488 | ---- | M] () -- C:\Windows\update.tray-2-0\svchost.exe
PRC - [2011.08.19 23:53:43 | 001,215,488 | ---- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.08.06 04:21:27 | 001,017,912 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.05.27 16:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 04:17:48 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.08.05 22:00:42 | 000,458,844 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009.08.05 22:00:42 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\stacsv.exe
PRC - [2009.07.30 13:28:18 | 000,354,360 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2009.07.29 17:54:38 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.07.29 17:54:10 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.07.29 15:28:44 | 000,256,544 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2009.07.29 12:43:50 | 001,201,400 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2009.07.27 17:52:16 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009.07.27 15:32:56 | 000,076,344 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2009.07.23 11:12:00 | 000,078,608 | ---- | M] (Bioscrypt Inc.) -- C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2009.06.18 09:07:06 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2009.06.03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
PRC - [2009.06.03 16:16:34 | 000,153,640 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2009.06.03 16:13:28 | 000,400,936 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2009.03.02 23:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\AEstSrv.exe


========== Modules (No Company Name) ==========

MOD - [2011.08.20 13:36:01 | 000,232,960 | ---- | M] () -- C:\Windows\l1rezerv.exe
MOD - [2011.08.19 23:53:43 | 001,215,488 | ---- | M] () -- C:\Windows\update.tray-2-0\svchost.exe
MOD - [2011.08.15 08:30:57 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\c0d90fae726bca4f272ac9a2906b3741\System.Security.ni.dll
MOD - [2011.08.15 08:30:54 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011.08.15 08:30:49 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011.08.15 08:30:41 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011.08.06 04:21:25 | 000,400,440 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.112\ppgooglenaclpluginchrome.dll
MOD - [2011.08.06 04:21:24 | 004,118,072 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.112\pdf.dll
MOD - [2011.08.06 04:19:58 | 000,104,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.112\avutil-50.dll
MOD - [2011.08.06 04:19:56 | 000,203,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.112\avformat-52.dll
MOD - [2011.08.06 04:19:55 | 001,846,344 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.112\avcodec-52.dll
MOD - [2011.08.06 02:29:30 | 006,338,720 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\13.0.782.112\gcswf32.dll
MOD - [2010.11.13 03:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.08.14 06:51:25 | 000,159,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_cs_b77a5c561934e089\System.Xml.resources.dll
MOD - [2009.06.29 16:10:06 | 000,300,600 | ---- | M] () -- C:\Windows\System32\flcdlmsg.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (ekrn)
SRV - File not found [On_Demand | Stopped] -- -- (EhttpSrv)
SRV - [2011.08.20 13:35:21 | 000,348,672 | ---- | M] () [Auto | Running] -- C:\Windows\update.5.0\svchost.exe -- (srvbtcclient)
SRV - [2011.08.20 13:34:24 | 000,632,832 | ---- | M] () [Auto | Running] -- C:\Windows\update.2\svchost.exe -- (srviecheck)
SRV - [2011.08.20 13:33:49 | 000,382,464 | ---- | M] () [Auto | Running] -- C:\Windows\update.7.1\svchostdriver.exe -- (ddservice)
SRV - [2011.08.20 13:29:52 | 000,258,048 | ---- | M] () [Auto | Running] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)
SRV - [2011.08.19 23:53:43 | 001,215,488 | ---- | M] () [Auto | Running] -- C:\Windows\update.1\svchost.exe -- (wxpdrivers)
SRV - [2011.06.28 13:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.06.27 08:07:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.05.27 16:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) [Auto | Running] -- C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe -- (ScrybeUpdater)
SRV - [2011.04.07 16:29:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.08.05 22:00:42 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\stacsv.exe -- (STacSV)
SRV - [2009.07.30 13:24:02 | 000,045,056 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009.07.29 17:54:10 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.29 15:28:44 | 000,256,544 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2009.07.29 12:43:50 | 001,201,400 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009.07.27 17:52:16 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009.07.23 11:05:32 | 000,192,784 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2009.07.23 11:05:26 | 000,150,288 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2009.07.15 18:13:04 | 000,112,936 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009.07.15 18:13:02 | 004,408,616 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.29 16:10:26 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK)
SRV - [2009.06.18 09:07:06 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009.06.03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV - [2009.03.02 23:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\AEstSrv.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV - [2011.04.26 02:00:20 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2010.11.20 04:30:16 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 04:30:16 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 04:30:16 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 02:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 01:14:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 01:14:42 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.29 13:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.07.29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.07.29 13:31:26 | 000,096,920 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.08.05 22:00:42 | 000,409,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009.07.30 06:06:30 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.29 15:30:28 | 000,051,408 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2009.07.29 15:30:20 | 000,012,960 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\Windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009.07.29 15:30:18 | 000,012,528 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\Windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2009.07.29 15:30:16 | 000,109,216 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009.07.27 17:52:14 | 001,161,664 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.07.23 20:48:00 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.07.20 11:10:00 | 000,313,856 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.08 13:48:38 | 000,025,656 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2009.07.08 13:48:22 | 000,033,848 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2009.07.02 10:40:34 | 001,765,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009.06.29 14:45:56 | 000,032,312 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2009.05.20 21:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009.05.04 18:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009.04.29 08:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009.01.30 23:29:50 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008.11.11 13:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008.11.11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008.11.11 13:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007.02.16 21:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.02.16 02:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT22690 ... hSource=13"
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... YYYYYCZ&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.04 08:34:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.25 01:49:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2011.04.14 20:52:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions
[2011.07.10 18:25:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\vxll5oq5.default\extensions
[2011.06.13 12:40:14 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\vxll5oq5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.06.08 02:44:05 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\vxll5oq5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.06.13 12:40:13 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\vxll5oq5.default\extensions\engine@conduit.com
[2011.05.04 22:56:55 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\vxll5oq5.default\extensions\fastdial@telega.phpnet.us
[2011.07.02 05:05:34 | 000,000,000 | ---D | M] (FDislike) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\vxll5oq5.default\extensions\fbdislike@doweb.fr
[2011.08.19 23:54:44 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\vxll5oq5.default\extensions\toolbar@ask.com
[2011.08.19 23:54:47 | 000,002,395 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\vxll5oq5.default\searchplugins\askcom.xml
[2011.05.25 16:16:30 | 000,000,931 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\vxll5oq5.default\searchplugins\conduit.xml
[2011.07.25 01:49:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.05.17 23:00:27 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.07.25 01:49:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
File not found (No name found) -- C:\USERS\UŽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VXLL5OQ5.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
File not found (No name found) -- C:\USERS\UŽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VXLL5OQ5.DEFAULT\EXTENSIONS\{89506680-E3F4-484C-A2C0-ED711D481EDA}.XPI
File not found (No name found) -- C:\USERS\UŽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VXLL5OQ5.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
File not found (No name found) -- C:\USERS\UŽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VXLL5OQ5.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
File not found (No name found) -- C:\USERS\UŽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VXLL5OQ5.DEFAULT\EXTENSIONS\FASTDIAL@TELEGA.PHPNET.US
File not found (No name found) -- C:\USERS\UŽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VXLL5OQ5.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2011.05.04 08:34:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.07.25 01:49:18 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.08.21 12:37:34 | 000,202,984 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 127.0.0.1 tl-ph.facebook.com
O1 - Hosts: 127.0.0.1 fo-fo.facebook.com
O1 - Hosts: 127.0.0.1 fr-fr.facebook.com
O1 - Hosts: 127.0.0.1 fy-nl.facebook.com
O1 - Hosts: 127.0.0.1 ga-ie.facebook.com
O1 - Hosts: 127.0.0.1 gl-es.facebook.com
O1 - Hosts: 127.0.0.1 ko-kr.facebook.com
O1 - Hosts: 50053 more lines...
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll ()
O3 - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [4282020.exe] File not found
O4 - HKLM..\Run: [57868644-loader2.exe] File not found
O4 - HKLM..\Run: [6084512.exe] File not found
O4 - HKLM..\Run: [6097584.exe] C:\Windows\Temp\6097584.exe ()
O4 - HKLM..\Run: [8304816.exe] File not found
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] File not found
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-2-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [wxpdrv] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll) - C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\DeviceNP: DllName - DeviceNP.dll - C:\Windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2bcd0c33-906c-11e0-9333-00247ef99e58}\Shell - "" = AutoRun
O33 - MountPoints2\{2bcd0c33-906c-11e0-9333-00247ef99e58}\Shell\AutoRun\command - "" = E:\USBAutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\RunGame.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.08.20 19:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.08.20 19:34:07 | 000,000,000 | ---D | C] -- C:\rsit
[2011.08.20 14:20:26 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2011.08.20 14:20:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011.08.20 14:20:25 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011.08.20 14:18:11 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Sunbelt Software
[2011.08.20 14:13:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
[2011.08.20 14:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011.08.20 14:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011.08.20 14:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011.08.20 13:37:35 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011.08.20 13:37:35 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer
[2011.08.20 13:37:35 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011.08.20 13:35:22 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.08.20 13:34:25 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.08.20 13:33:50 | 000,000,000 | -H-D | C] -- C:\Windows\update.7.1
[2011.08.20 13:29:39 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.08.20 00:04:29 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.08.20 00:04:28 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0-lnk
[2011.08.20 00:04:28 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0
[2011.08.16 02:10:02 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\Windows.XP.Professional.32-bit.en-US.Black.Edition.v2010.6.15.EgyBoX.NeT.BY.ABDALLAH
[2011.08.15 19:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free MP3 Cutter
[2011.08.15 19:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\Free MP3 Cutter
[2011.08.14 22:19:13 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011.08.14 22:19:12 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.08.14 22:19:12 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011.08.14 22:19:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.14 22:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.14 22:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011.08.14 22:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011.08.14 22:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.14 22:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.14 22:19:11 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011.08.14 22:19:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.14 22:19:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011.08.14 22:19:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.14 22:19:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.14 22:19:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011.08.14 22:19:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.14 22:19:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011.08.14 22:19:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.14 22:19:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011.08.14 22:18:58 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.08.14 22:18:57 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.08.14 22:18:17 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.08.14 22:18:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.08.14 22:18:17 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.08.14 22:18:16 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.08.14 22:18:16 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.08.14 22:16:53 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011.08.14 22:16:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011.08.14 22:16:53 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011.08.14 22:16:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2011.08.14 22:16:53 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2011.08.06 17:03:57 | 000,000,000 | R--D | C] -- C:\Users\Uživatel\Desktop\Alchemy
[2011.08.05 20:46:17 | 000,000,000 | R--D | C] -- C:\Users\Uživatel\Desktop\Filmy a Serialy
[2011.08.03 00:32:46 | 000,000,000 | R--D | C] -- C:\Users\Uživatel\Desktop\Aplikace, programy apod
[2011.08.02 05:21:30 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.08.02 05:19:04 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011.08.02 05:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011.08.02 05:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2011.08.02 04:51:27 | 000,000,000 | ---D | C] -- C:\WindowsOffBackup
[2011.07.30 16:54:47 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Leadertech
[2011.07.30 16:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2011.07.30 16:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\Atari
[2011.07.30 16:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011.07.27 04:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 & Half-Life
[2011.07.27 04:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\Counter-Strike 1.6 & Half-Life
[2011.07.25 04:00:48 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Documents\Polda 5
[2011.07.25 04:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polda 5
[2011.07.25 04:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\Polda 5
[2011.07.25 03:39:35 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\NFS Underground 2
[2011.07.25 03:39:23 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.07.25 03:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[2011.07.25 03:33:59 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2011.07.25 03:29:14 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Synaptics
[2011.07.25 03:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scrybe
[2011.07.25 03:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2011.07.25 03:24:23 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll
[2011.07.25 03:24:22 | 000,120,104 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPCo9.dll
[2011.07.25 02:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2011.07.25 02:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2011.07.25 01:54:46 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\.android
[2011.07.25 01:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.07.25 01:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.07.25 01:49:31 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.07.25 01:49:31 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.07.25 01:49:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.07.25 01:49:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.07.25 01:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.04.07 13:02:46 | 000,256,560 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2011.04.07 13:02:44 | 000,203,312 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.08.21 12:51:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.21 12:37:34 | 000,202,984 | -H-- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.08.21 12:37:34 | 000,000,734 | ---- | M] () -- C:\Windows\System32\drivers\etc\hîsts
[2011.08.21 12:33:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.20 20:30:13 | 000,001,298 | -H-- | M] () -- C:\aaw7boot.cmd
[2011.08.20 19:31:20 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.08.20 14:51:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.20 14:29:32 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.20 14:29:32 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.20 14:28:33 | 001,094,502 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.08.20 14:28:33 | 000,777,742 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.08.20 14:28:33 | 000,281,206 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.08.20 14:28:33 | 000,261,018 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.08.20 14:21:41 | 2212,126,720 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.20 14:20:46 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011.08.20 14:20:46 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011.08.20 14:20:24 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011.08.20 14:13:31 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011.08.20 13:37:34 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011.08.20 13:37:34 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011.08.20 13:37:34 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.08.20 13:37:34 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011.08.20 13:36:38 | 000,000,179 | ---- | M] () -- C:\Windows\info1
[2011.08.20 13:36:01 | 000,232,960 | ---- | M] () -- C:\Windows\l1rezerv.exe
[2011.08.20 13:31:42 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.08.20 13:30:24 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011.08.20 13:29:52 | 000,258,048 | ---- | M] () -- C:\Windows\sysdriver32.exe
[2011.08.06 17:05:56 | 000,000,453 | ---- | M] () -- C:\Users\Uživatel\Desktop\Uživatel.aus
[2011.08.04 23:37:43 | 000,000,017 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2011.08.03 02:24:17 | 000,002,232 | ---- | M] () -- C:\Users\Uživatel\Desktop\Google Chrome.lnk
[2011.08.02 05:19:03 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2011.07.25 03:27:04 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011.07.25 01:49:18 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.07.25 01:49:18 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.07.25 01:49:18 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.07.25 01:49:18 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.20 19:31:39 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011.08.20 19:31:20 | 000,001,298 | -H-- | C] () -- C:\aaw7boot.cmd
[2011.08.20 14:22:03 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.08.20 14:20:46 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.08.20 14:20:46 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.08.20 14:13:31 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011.08.20 13:37:34 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011.08.20 13:37:34 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011.08.20 13:37:34 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011.08.20 13:36:05 | 000,232,960 | ---- | C] () -- C:\Windows\l1rezerv.exe
[2011.08.20 13:33:50 | 000,000,179 | ---- | C] () -- C:\Windows\info1
[2011.08.20 13:31:43 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011.08.20 13:31:42 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011.08.20 13:31:42 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011.08.20 13:30:12 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011.08.20 13:29:55 | 000,258,048 | ---- | C] () -- C:\Windows\sysdriver32.exe
[2011.08.06 17:05:56 | 000,000,453 | ---- | C] () -- C:\Users\Uživatel\Desktop\Uživatel.aus
[2011.08.04 23:37:43 | 000,000,017 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2011.08.03 02:24:17 | 000,002,232 | ---- | C] () -- C:\Users\Uživatel\Desktop\Google Chrome.lnk
[2011.08.02 05:19:01 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2011.08.02 04:50:24 | 000,386,923 | ---- | C] () -- C:\Windows\KMSAct.exe
[2011.07.25 03:27:04 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011.06.06 23:34:11 | 000,003,584 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.17 23:04:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.07 15:03:14 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.04.07 14:09:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.07 13:11:08 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2011.04.07 13:02:45 | 001,765,168 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011.04.07 13:02:45 | 000,027,184 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2011.04.07 13:02:44 | 000,034,480 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2011.04.07 13:02:44 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2009.08.14 06:52:50 | 001,094,502 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.08.14 06:52:50 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.08.14 06:52:50 | 000,281,206 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.08.14 06:52:50 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.29 15:30:16 | 000,109,216 | ---- | C] () -- C:\Windows\System32\drivers\SafeBoot.sys
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 001,753,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,777,742 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,261,018 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.29 16:10:06 | 000,300,600 | ---- | C] () -- C:\Windows\System32\flcdlmsg.dll
[2009.06.18 09:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004.12.30 11:20:28 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2004.11.11 08:04:28 | 000,137,728 | ---- | C] () -- C:\Windows\System32\ZipDll.dll
[2002.10.23 16:15:26 | 000,036,352 | ---- | C] () -- C:\Windows\System32\DZSFXUS.bin
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2011.04.14 22:01:55 | 000,000,000 | ---D | M] -- C:\Users\Host\AppData\Roaming\WTouch
[2011.06.08 02:49:18 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.04 19:21:51 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\go
[2011.05.16 19:38:09 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\GrabPro
[2011.06.28 21:20:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Kastner software
[2011.07.30 16:54:47 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Leadertech
[2011.06.17 14:25:31 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\MiniDm
[2011.06.17 14:25:31 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\PhotoFiltre
[2011.05.16 19:38:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ProgSense
[2011.07.25 03:29:14 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Synaptics
[2011.04.13 03:58:51 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\WTouch
[2011.08.20 19:31:20 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009.07.14 06:53:46 | 000,026,690 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 12:06
od JeyDee
OTL Extras logfile created on: 21.8.2011 12:44:59 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Uživatel\Downloads
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 38,80% Memory free
5,49 Gb Paging File | 3,77 Gb Available in Paging File | 68,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 139,50 Gb Free Space | 59,93% Space Free | Partition Type: NTFS

Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IEPro\MiniDM.exe" = C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM -- (IE7Pro.com)
"C:\Users\Uživatel\Downloads\Flash-Player.exe" = C:\Users\Uživatel\Downloads\Flash-Player.exe:*:Enabled:C:\Users\Uživatel\Downloads\Flash-Player.exe -- ()
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe -- ()
"C:\Windows\update.tray-2-0\svchost.exe" = C:\Windows\update.tray-2-0\svchost.exe:*:Enabled:C:\Windows\update.tray-2-0\svchost.exe -- ()
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07D53DF5-D72B-DC8B-33DE-EB76124CB972}" = Catalyst Control Center Graphics Light
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0934E41E-D8EE-478A-A540-AE9FAE399D5D}" = HP ProtectTools Security Manager
"{1042D525-CF81-9A13-5630-AB5AC3D3AE09}" = CCC Help Thai
"{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}" = Synaptics Gesture Suite featuring SYNAPTICS | Scrybe
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1BE8806A-84F8-4655-A381-0D5524430944}" = ActivClient x86
"{1D5BC9E5-5FB2-6692-1C1D-575711BD3720}" = CCC Help Russian
"{1D5C9FD8-ECDB-7E56-7B57-98366D31B8F2}" = CCC Help Finnish
"{1D6036BB-7643-4B1E-3DE3-1C117C3BF6FC}" = ATI Catalyst Install Manager
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1D9D8ECA-6C7D-747F-8F66-63B86934578D}" = CCC Help English
"{1E45AB9A-50BC-F6C9-C2A9-D3416216E40A}" = Catalyst Control Center Localization All
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2DA64F92-DDB0-51AA-144F-AACED3DCF0E6}" = CCC Help Portuguese
"{32F44D57-43CE-1E06-FEEA-044C4A2445BE}" = Catalyst Control Center Core Implementation
"{33DBA3CA-4E9D-4087-9911-359E45263D92}" = HP 3D DriveGuard
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{39C86D22-8871-3080-B226-BE3E3F99996A}" = CCC Help Norwegian
"{3ABFC3AE-C403-CDE6-31B8-172B69F91D6F}" = Catalyst Control Center InstallProxy
"{3B84CB71-78CA-4E9B-9167-1B877D60FB97}" = HP JavaCard for HP ProtectTools
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CD5E925-0EFE-4E0E-849E-BAF2E6D9E1C5}" = Credential Manager for HP ProtectTools
"{3D530ADE-8F26-D9D4-DAD1-0187DD6B1DF6}" = Catalyst Control Center Graphics Full New
"{40034B11-149E-4310-AE89-BB575B02525B}" = LG Internet Kit
"{4649126F-45B6-47A2-B2A2-FB8FDB2FDE2E}" = Catalyst Control Center - Branding
"{4998A816-9F97-560C-A506-1FB9E5401A0C}" = CCC Help Polish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D28DC85-ACC6-DB02-A9C6-7AE2C4918B39}" = CCC Help French
"{4E22DCA2-CC12-DA59-58C7-65DC58F2E3AD}" = Catalyst Control Center Graphics Full Existing
"{4FAD70B6-E246-496E-9719-449E3756BF0B}" = ESET NOD32 Antivirus
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5AFACEA0-7B2D-F54E-6580-CB1B6CA64A98}" = CCC Help Chinese Standard
"{5D4875F6-89D1-4E9C-B7B9-9164C9D20C9C}" = Kaspersky Security Scan
"{5ED6730E-22A5-2424-974B-E448394ECAFF}" = Catalyst Control Center Graphics Previews Common
"{5FC9B6E4-E8C2-68C1-849A-7A8913FA68C6}" = CCC Help Greek
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6E50488B-742A-2F20-4DC4-8B280CF0FCDD}" = CCC Help Swedish
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7030B452-16AC-0F73-A83A-7EA01D125A74}" = CCC Help Hungarian
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1" = Free MP3 Cutter 1.01
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9927BE31-1F91-4F2F-0706-F42380F42F21}" = Catalyst Control Center Graphics Previews Vista
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A05DD31F-7D42-15A5-A7CC-52B8A64E1CE1}" = ccc-utility
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A7D3AFE1-009C-1FD9-2667-44C7AEADC854}" = CCC Help Japanese
"{A7F0C8E7-AB4E-07E9-A253-01AC35FB99E5}" = CCC Help Chinese Traditional
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A97F763F-3563-437E-85F9-135314D6FC43}" = HP ESU for Microsoft Windows 7
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{AD46608C-3F3A-CCF9-AFC9-6ABC30F3CD14}" = ccc-core-static
"{ADF17636-4BEC-2FDA-BBAC-7EB54A9CD38A}" = CCC Help Turkish
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4175345-47B2-D099-4F7E-01A909E35898}" = CCC Help Dutch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD7A7136-1E88-4EB8-985C-1326DCE5612A}" = AuthenTec Fingerprint System
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C2FC6A03-5059-4A95-1718-7213A1847447}" = CCC Help Spanish
"{C4518D5B-C62C-4984-A615-1FC1DD55B86A}" = Drive Encryption for HP ProtectTools
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{C99A9E93-B711-068F-8826-71E4EA734C26}" = CCC Help German
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C2}" = WinZip 15.5
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4C91A46-B290-D762-0FA2-E51AAE608A27}" = CCC Help Czech
"{E571E8B1-9771-465D-9DE0-3BA2D1BDAE99}" = The Matrix - Path of Neo
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EF655663-9233-EF19-2D7D-41CAD3ACDB9B}" = CCC Help Korean
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7181675-980F-B539-3C83-4B4C0116EA01}" = CCC Help Danish
"{F7B4CD99-8133-9B6E-3C9E-88BCCC9660A9}" = CCC Help Italian
"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe PHOTOSHOP CS3 (Adam Chuchel)" = Adobe PHOTOSHOP CS3 (Adam Chuchel)
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AviSynth" = AviSynth 2.5
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"Counter-Strike 1.6 & Half-Life" = Counter-Strike 1.6 & Half-Life
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Easy Vysvědčení_is1" = Easy Vysvědčení verze 1.1
"Foto2Avi" = Foto2Avi 1.5
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Video Dub_is1" = Free Video Dub version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"FSCZ_is1" = FORM studio
"Google Chrome" = Google Chrome
"IE7Pro" = IE7Pro
"LSI Soft Modem" = LSI HDA Modem
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 4.0.1 (x86 cs)" = Mozilla Firefox 4.0.1 (x86 cs)
"Office14.SingleImage" = Microsoft Office Professional 2010
"PDF Complete" = PDF Complete Special Edition
"Pen Tablet Driver" = Bamboo
"Picasa 3" = Picasa 3
"Polda V_is1" = Polda V
"PowerISO" = PowerISO
"ProgSense_is1" = ProgSense
"SpeedFan" = SpeedFan (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.5
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"ZipX_is1" = ZipX verze 1.6

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1902724176-3205514061-4035515947-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"PhotoFiltre" = PhotoFiltre

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.8.2011 7:35:34 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 20.8.2011 7:35:34 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 20.8.2011 7:35:34 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 20.8.2011 8:17:58 | Computer Name = Uživatel-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 20.8.2011 8:18:04 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 20.8.2011 8:18:04 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 20.8.2011 8:18:04 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 20.8.2011 8:28:29 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 20.8.2011 8:28:29 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 20.8.2011 8:28:29 | Computer Name = Uživatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

[ Credential Manager Events ]
Error - 17.8.2011 7:59:01 | Computer Name = Uživatel-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Uživatel@UŽIVATEL-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost

Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 17.8.2011 7:59:01 | Computer Name = Uživatel-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Uživatel@UŽIVATEL-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 17.8.2011 9:32:34 | Computer Name = Uživatel-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Uživatel@UŽIVATEL-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 17.8.2011 9:32:34 | Computer Name = Uživatel-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Uživatel@UŽIVATEL-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost

Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 17.8.2011 13:25:24 | Computer Name = Uživatel-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Uživatel@UŽIVATEL-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost

Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 17.8.2011 13:25:24 | Computer Name = Uživatel-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Uživatel@UŽIVATEL-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 19.8.2011 0:49:18 | Computer Name = Uživatel-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Uživatel@UŽIVATEL-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 19.8.2011 0:49:18 | Computer Name = Uživatel-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Uživatel@UŽIVATEL-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost

Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 19.8.2011 8:37:29 | Computer Name = Uživatel-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Uživatel@UŽIVATEL-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost

Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 19.8.2011 8:37:29 | Computer Name = Uživatel-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Uživatel@UŽIVATEL-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

[ Media Center Events ]
Error - 11.6.2011 21:29:11 | Computer Name = Uživatel-PC | Source = MCUpdate | ID = 0
Description = 3:29:11 - Chyba při připojování k Internetu 3:29:11 - Nelze kontaktovat
server..

Error - 11.6.2011 21:29:18 | Computer Name = Uživatel-PC | Source = MCUpdate | ID = 0
Description = 3:29:16 - Chyba při připojování k Internetu 3:29:16 - Nelze kontaktovat
server..

Error - 11.6.2011 22:29:22 | Computer Name = Uživatel-PC | Source = MCUpdate | ID = 0
Description = 4:29:22 - Chyba při připojování k Internetu 4:29:22 - Nelze kontaktovat
server..

Error - 11.6.2011 22:29:29 | Computer Name = Uživatel-PC | Source = MCUpdate | ID = 0
Description = 4:29:28 - Chyba při připojování k Internetu 4:29:28 - Nelze kontaktovat
server..

Error - 11.6.2011 23:32:56 | Computer Name = Uživatel-PC | Source = MCUpdate | ID = 0
Description = 5:32:56 - Chyba při připojování k Internetu 5:32:56 - Nelze kontaktovat
server..

Error - 11.6.2011 23:33:07 | Computer Name = Uživatel-PC | Source = MCUpdate | ID = 0
Description = 5:33:01 - Chyba při připojování k Internetu 5:33:01 - Nelze kontaktovat
server..

Error - 12.6.2011 0:33:12 | Computer Name = Uživatel-PC | Source = MCUpdate | ID = 0
Description = 6:33:12 - Chyba při připojování k Internetu 6:33:12 - Nelze kontaktovat
server..

Error - 12.6.2011 0:33:19 | Computer Name = Uživatel-PC | Source = MCUpdate | ID = 0
Description = 6:33:18 - Chyba při připojování k Internetu 6:33:18 - Nelze kontaktovat
server..

Error - 14.6.2011 18:24:18 | Computer Name = Uživatel-PC | Source = MCUpdate | ID = 0
Description = 0:24:18 - Chyba při připojování k Internetu 0:24:18 - Nelze kontaktovat
server..

Error - 14.6.2011 18:24:53 | Computer Name = Uživatel-PC | Source = MCUpdate | ID = 0
Description = 0:24:48 - Chyba při připojování k Internetu 0:24:48 - Nelze kontaktovat
server..

[ System Events ]
Error - 20.8.2011 8:10:14 | Computer Name = Uživatel-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 20.8.2011 8:10:24 | Computer Name = Uživatel-PC | Source = Service Control Manager | ID = 7000
Description = Služba ESET Service neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 20.8.2011 8:17:58 | Computer Name = Uživatel-PC | Source = Service Control Manager | ID = 7030
Description = Služba Lavasoft Ad-Aware Service je označena jako interaktivní služba.
Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby.
Tato služba nebude fungovat správně.

Error - 20.8.2011 8:20:30 | Computer Name = Uživatel-PC | Source = DCOM | ID = 10010
Description =

Error - 20.8.2011 8:21:44 | Computer Name = Uživatel-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 20.8.2011 8:21:44 | Computer Name = Uživatel-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 20.8.2011 8:21:56 | Computer Name = Uživatel-PC | Source = Service Control Manager | ID = 7000
Description = Služba ESET Service neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 20.8.2011 12:17:10 | Computer Name = Uživatel-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 20.8.2011 15:34:09 | Computer Name = Uživatel-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 21.8.2011 6:33:06 | Computer Name = Uživatel-PC | Source = atikmdag | ID = 43029
Description = Display is not active


< End of report >


Díky moc a čekám na odpověď ;)

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 12:22
od Caroprd111
Office máte legální :???:

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 12:36
od JeyDee
Ne, cracklý.

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 12:42
od Caroprd111
Podle pravidel fóra se zde nelegálním softwarem nezabýváme - nelegální programy představují bezpečnostní hrozbu a navíc tím porušujete zákon. :spam:

Až odstraníte z PC všechen nelegální software, jsem ochoten pokračovat.

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 13:00
od JeyDee
Odinstalováno... mám sem hodit nový logy?

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 13:00
od Caroprd111
Udělejte znovu RSIT a vložte mi sem jen info.txt

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 13:29
od JeyDee
Tady je info z RSITu


Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2011-08-21 14:26:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 149 GB (63%) free of 238 GB
Total RAM: 2813 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:26:40, on 21.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\notepad.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Uživatel\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
O4 - HKLM\..\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-2-0\svchost.exe
O4 - HKLM\..\Run: [8304816.exe] "C:\Windows\Temp\8304816.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [6084512.exe] "C:\Users\Uživatel\AppData\Local\Temp\6084512.exe"
O4 - HKLM\..\Run: [6097584.exe] "C:\Windows\Temp\6097584.exe"
O4 - HKLM\..\Run: [4282020.exe] "C:\Windows\Temp\4282020.exe"
O4 - HKLM\..\Run: [57868644-loader2.exe] "C:\Windows\Temp\57868644-loader2.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\Windows\l1rezerv.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Uživatel\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ddservice - Unknown owner - C:\Windows\update.7.1\svchostdriver.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Aktualizátor aplikace Scrybe (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: srvbtcclient - Unknown owner - C:\Windows\update.5.0\svchost.exe (file missing)
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe (file missing)
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\STacSV.exe
O23 - Service: wxpdrivers - Unknown owner - C:\Windows\update.1\svchost.exe (file missing)

--
End of file - 10977 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\vxll5oq5.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT22690 ... hSource=13"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... YYYYYCZ&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
ssldivx.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\vxll5oq5.default\extensions\
engine@conduit.com
fastdial@telega.phpnet.us
fbdislike@doweb.fr
toolbar@ask.com
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\vxll5oq5.default\searchplugins\
askcom.xml
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2010-06-02 777392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-25 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2009-07-23 98576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\IEPro\IEProRecorder.dll [2010-06-02 662736]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-08-05 458844]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-31 2221352]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 288312]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2009-07-30 354360]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 153640]
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 400936]
"CognizanceTS"=C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2009-07-23 24848]
"wxpdrv"=C:\Windows\services32.exe []
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-2-0\svchost.exe []
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"8304816.exe"=C:\Windows\Temp\8304816.exe []
"sysdriver32.exe"=C:\Windows\sysdriver32.exe rezerv []
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe rezerv []
"6084512.exe"=C:\Users\Uživatel\AppData\Local\Temp\6084512.exe []
"6097584.exe"=C:\Windows\Temp\6097584.exe [2011-08-20 632832]
"4282020.exe"=C:\Windows\Temp\4282020.exe []
"57868644-loader2.exe"=C:\Windows\Temp\57868644-loader2.exe []
"l1rezerv.exe"=C:\Windows\l1rezerv.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files\PDF Complete\pdfsty.exe [2009-06-18 563736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-05-26 15147400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-29 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kaspersky Security Scan.lnk]
C:\Program Files\Kaspersky Security Scan\KSS.exe /hidden []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
C:\Windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2011-07-25 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uživatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ProgSense.lnk]
C:\Program Files\ProgSense\progsense.exe /StartRun []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\Windows\system32\DeviceNP.dll [2009-06-29 75320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Users\Uživatel\Downloads\Flash-Player.exe"="C:\Users\Uživatel\Downloads\Flash-Player.exe:*:Enabled:C:\Users\Uživatel\Downloads\Flash-Player.exe"
"C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
"C:\Windows\update.tray-2-0\svchost.exe"="C:\Windows\update.tray-2-0\svchost.exe:*:Enabled:C:\Windows\update.tray-2-0\svchost.exe"
"C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.ffds"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-20 19:34:07 ----D---- C:\rsit
2011-08-20 19:34:07 ----D---- C:\Program Files\trend micro
2011-08-20 19:31:39 ----A---- C:\Windows\system32\lsdelete.exe
2011-08-20 14:20:46 ----A---- C:\Windows\system32\rp_stats.dat
2011-08-20 14:20:46 ----A---- C:\Windows\system32\rp_rules.dat
2011-08-20 14:20:26 ----DC---- C:\Windows\system32\DRVSTORE
2011-08-20 14:20:26 ----A---- C:\Windows\system32\drivers\Lbd.sys
2011-08-20 14:20:25 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2011-08-20 14:13:33 ----HDC---- C:\ProgramData\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
2011-08-20 14:13:24 ----D---- C:\ProgramData\Lavasoft
2011-08-20 14:13:24 ----D---- C:\Program Files\Lavasoft
2011-08-20 13:37:35 ----D---- C:\Windows\ufa
2011-08-20 13:37:35 ----D---- C:\Windows\rpcminer
2011-08-20 13:37:35 ----D---- C:\Windows\phoenix
2011-08-20 13:35:49 ----A---- C:\Windows\btc_client_iplist.txt
2011-08-20 13:35:22 ----HD---- C:\Windows\update.5.0
2011-08-20 13:34:51 ----A---- C:\Windows\iecheck_iplist.txt
2011-08-20 13:34:25 ----HD---- C:\Windows\update.2
2011-08-20 13:33:50 ----HD---- C:\Windows\update.7.1
2011-08-20 13:31:42 ----A---- C:\Windows\unrar.exe
2011-08-20 13:30:24 ----A---- C:\Windows\iplist.txt
2011-08-20 13:29:39 ----D---- C:\Windows\av_ico
2011-08-20 13:29:38 ----A---- C:\Windows\front_ip_list.txt
2011-08-20 00:04:29 ----HD---- C:\Windows\update.1
2011-08-20 00:04:28 ----HD---- C:\Windows\update.tray-2-0-lnk
2011-08-20 00:04:28 ----HD---- C:\Windows\update.tray-2-0
2011-08-19 23:54:17 ----A---- C:\Windows\winlog-ids.txt
2011-08-19 23:54:17 ----A---- C:\Windows\winlog-dirs.txt
2011-08-15 19:12:03 ----D---- C:\Program Files\Free MP3 Cutter
2011-08-14 22:19:31 ----A---- C:\Windows\system32\xmllite.dll
2011-08-14 22:19:13 ----A---- C:\Windows\system32\kernel32.dll
2011-08-14 22:19:13 ----A---- C:\Windows\system32\conhost.exe
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-14 22:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-14 22:19:12 ----A---- C:\Windows\system32\winsrv.dll
2011-08-14 22:19:12 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-14 22:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-14 22:18:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-14 22:18:57 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-14 22:18:48 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-14 22:18:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-14 22:18:22 ----A---- C:\Windows\system32\iertutil.dll
2011-08-14 22:18:19 ----A---- C:\Windows\system32\mshtml.dll
2011-08-14 22:18:19 ----A---- C:\Windows\system32\ieframe.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\wininet.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\urlmon.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\url.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-14 22:18:17 ----A---- C:\Windows\system32\ieui.dll
2011-08-14 22:18:16 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-14 22:16:53 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-14 22:16:53 ----A---- C:\Windows\system32\odbcjt32.dll
2011-08-14 22:16:53 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-14 22:16:53 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-14 22:16:53 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-02 05:21:30 ----D---- C:\Windows\pss
2011-08-02 05:19:03 ----D---- C:\Program Files\SpeedFan
2011-08-02 04:51:27 ----D---- C:\WindowsOffBackup
2011-08-02 04:50:24 ----A---- C:\Windows\KMSAct.exe
2011-07-30 16:54:47 ----D---- C:\Users\Uživatel\AppData\Roaming\Leadertech
2011-07-30 16:45:27 ----D---- C:\Program Files\Atari
2011-07-30 16:44:41 ----D---- C:\Program Files\Common Files\InstallShield
2011-07-27 04:50:26 ----D---- C:\Program Files\Counter-Strike 1.6 & Half-Life
2011-07-25 04:00:05 ----D---- C:\Program Files\Polda 5
2011-07-25 03:33:59 ----D---- C:\Program Files\EA GAMES
2011-07-25 03:29:14 ----D---- C:\Users\Uživatel\AppData\Roaming\Synaptics
2011-07-25 03:24:36 ----D---- C:\ProgramData\Synaptics
2011-07-25 03:24:23 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2011-07-25 03:24:22 ----A---- C:\Windows\system32\SynTPCo9.dll
2011-07-25 03:24:22 ----A---- C:\Windows\system32\SynTPAPI.dll
2011-07-25 03:24:22 ----A---- C:\Windows\system32\SynCtrl.dll
2011-07-25 03:24:22 ----A---- C:\Windows\system32\SynCOM.dll
2011-07-25 03:24:22 ----A---- C:\Windows\system32\drivers\SynTP.sys
2011-07-25 02:36:41 ----D---- C:\Program Files\PowerISO
2011-07-25 01:49:50 ----D---- C:\ProgramData\Sun
2011-07-25 01:49:50 ----D---- C:\Program Files\Common Files\Java
2011-07-25 01:49:31 ----A---- C:\Windows\system32\javaws.exe
2011-07-25 01:49:31 ----A---- C:\Windows\system32\javaw.exe
2011-07-25 01:49:31 ----A---- C:\Windows\system32\java.exe
2011-07-25 01:49:31 ----A---- C:\Windows\system32\deployJava1.dll
2011-07-25 01:49:14 ----D---- C:\Program Files\Java

======List of files/folders modified in the last 1 month======

2011-08-21 14:26:39 ----D---- C:\Windows\Temp
2011-08-21 14:24:38 ----D---- C:\Windows\Microsoft.NET
2011-08-21 14:24:22 ----RSD---- C:\Windows\assembly
2011-08-21 14:24:16 ----D---- C:\Windows\System32
2011-08-21 14:24:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-21 14:15:44 ----D---- C:\Windows\system32\Tasks
2011-08-21 14:15:30 ----D---- C:\Windows\Tasks
2011-08-21 14:15:27 ----D---- C:\Windows\system32\config
2011-08-21 14:15:06 ----SHD---- C:\Config.Msi
2011-08-21 14:15:04 ----D---- C:\Windows
2011-08-21 14:12:43 ----SHD---- C:\Windows\Installer
2011-08-21 14:12:26 ----D---- C:\ProgramData\Microsoft Help
2011-08-21 14:11:53 ----RD---- C:\Program Files
2011-08-21 14:11:53 ----D---- C:\Program Files\Microsoft.NET
2011-08-21 14:11:53 ----D---- C:\Program Files\Common Files\microsoft shared
2011-08-21 14:11:52 ----SD---- C:\ProgramData\Microsoft
2011-08-21 14:11:34 ----RSD---- C:\Windows\Fonts
2011-08-21 14:11:25 ----D---- C:\Windows\ShellNew
2011-08-21 14:11:23 ----D---- C:\Program Files\Common Files
2011-08-21 14:09:51 ----D---- C:\Program Files\Common Files\System
2011-08-21 14:09:51 ----A---- C:\Windows\win.ini
2011-08-21 14:08:41 ----SHD---- C:\System Volume Information
2011-08-21 00:34:19 ----D---- C:\ProgramData\PDFC
2011-08-20 19:34:08 ----D---- C:\Windows\Prefetch
2011-08-20 14:20:26 ----D---- C:\Windows\system32\drivers
2011-08-20 14:20:26 ----D---- C:\Windows\system32\catroot
2011-08-20 14:13:33 ----HD---- C:\ProgramData
2011-08-20 14:13:09 ----D---- C:\Windows\winsxs
2011-08-20 13:34:51 ----D---- C:\Windows\system32\drivers\etc
2011-08-15 08:28:26 ----D---- C:\Windows\system32\migration
2011-08-15 08:28:26 ----D---- C:\Program Files\Internet Explorer
2011-08-15 08:01:16 ----A---- C:\Windows\system32\MRT.exe
2011-08-14 22:18:03 ----D---- C:\Windows\system32\catroot2
2011-08-04 23:18:27 ----D---- C:\Users\Uživatel\AppData\Roaming\WTablet
2011-08-04 19:37:22 ----D---- C:\Users\Uživatel\AppData\Roaming\Skype
2011-08-04 19:36:54 ----D---- C:\ProgramData\Easybits GO
2011-08-04 19:31:51 ----D---- C:\ProgramData\Skype Extras
2011-08-04 19:21:51 ----D---- C:\Users\Uživatel\AppData\Roaming\go
2011-07-30 16:45:29 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-28 00:30:42 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-07-25 03:26:47 ----D---- C:\Windows\inf
2011-07-25 03:26:39 ----D---- C:\Windows\system32\DriverStore
2011-07-25 03:24:36 ----D---- C:\Program Files\Synaptics

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 14392]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2011-04-26 64512]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2009-07-29 109216]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2009-07-29 51408]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2009-07-29 12960]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2009-07-29 12528]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 4994560]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-04-07 2661368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-04-26 15232]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-07-02 1765168]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-08-05 409088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-31 1335472]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2009-05-20 13736]
R3 WacomVKHid;Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\WacomVKHid.sys [2007-02-16 11440]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv.sys [2009-06-29 32312]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2009-01-30 15656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\aestsrv.exe [2009-03-02 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 176128]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-07-29 256544]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 26168]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 ScrybeUpdater;Aktualizátor aplikace Scrybe; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_78abd0f66cc3a020\STacSV.exe [2009-08-05 221266]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 ddservice;ddservice; C:\Windows\update.7.1\svchostdriver.exe srv []
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-17 136176]
S2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe srv []
S2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe srv []
S2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe srv []
S2 wxpdrivers;wxpdrivers; C:\Windows\update.1\svchost.exe srv []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\Windows\system32\flcdlock.exe [2009-06-29 362040]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-27 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-17 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-07 1343400]
S4 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [2009-07-15 4408616]
S4 WTouchService;WTouch Service; C:\Program Files\WTouch\WTouchService.exe [2009-07-15 112936]

-----------------EOF-----------------

=)

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 14:53
od Caroprd111
Tohle není log info.txt, potřebuji ten druhý. :) ESET máte, předpokládám, legální.

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 15:18
od JeyDee
S RSIT mi vyjede jen log.txt, jak z něho dostanu info.txt? ... A ESET je legální ;)

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 15:20
od Caroprd111
Podívejte se do složky C:\rsit

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 15:47
od JeyDee
info.txt logfile of random's system information tool 1.09 2011-08-21 16:46:05

======Uninstall list======

7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
ActivClient x86-->MsiExec.exe /I{1BE8806A-84F8-4655-A381-0D5524430944}
Ad-Aware-->"C:\ProgramData\{91EC863D-D912-4466-91CC-9489A4A2ADD3}\Ad-Aware90Install.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{91EC863D-D912-4466-91CC-9489A4A2ADD3}\Ad-Aware90Install.exe
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10p_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe PHOTOSHOP CS3 (Adam Chuchel)-->C:\Program Files\Adobe\Adobe Photoshop CS3\Adam Chuchel\Uninstal.exe
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 9.2 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A92000000001}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
AuthenTec Fingerprint System-->MsiExec.exe /I{BD7A7136-1E88-4EB8-985C-1326DCE5612A}
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bamboo-->C:\Program Files\Tablet\Pen\Remove.exe /u
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
Catalyst Control Center - Branding-->MsiExec.exe /I{4649126F-45B6-47A2-B2A2-FB8FDB2FDE2E}
Combined Community Codec Pack 2009-09-09-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Counter-Strike 1.6 & Half-Life-->C:\Program Files\Counter-Strike 1.6 & Half-Life\Uninstal.exe
Credential Manager for HP ProtectTools-->rundll32.exe "C:\Program Files\Hewlett-Packard\IAM\Bin\SetupHelper.dll",ExecMain /Uninstall {3CD5E925-0EFE-4E0E-849E-BAF2E6D9E1C5}
Device Access Manager for HP ProtectTools-->MsiExec.exe /X{55B52830-024A-443E-AF61-61E1E71AFA1B}
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Drive Encryption for HP ProtectTools-->MsiExec.exe /I{C4518D5B-C62C-4984-A615-1FC1DD55B86A}
DVDVideoSoftTB Toolbar-->C:\PROGRA~1\DVDVID~2\UNWISE.EXE /U C:\PROGRA~1\DVDVID~2\INSTALL.LOG
Easy Vysvědčení verze 1.1-->"C:\Program Files\EasyVys\unins000.exe"
FORM studio-->"C:\Program Files\KASTNER software\FORM studio CZ\unins000.exe"
Foto2Avi 1.5-->C:\Program Files\Foto2Avi\uninst.exe
Free Audio CD Burner version 1.4-->"C:\Program Files\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
Free MP3 Cutter 1.01-->"C:\Program Files\Free MP3 Cutter\unins000.exe"
Free Video Dub version 1.2-->"C:\Program Files\DVDVideoSoft\Free Video Dub\unins000.exe"
Free YouTube to MP3 Converter version 3.8-->"C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"
GIMP 2.6.11-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\13.0.782.112\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HP 3D DriveGuard-->MsiExec.exe /X{33DBA3CA-4E9D-4087-9911-359E45263D92}
HP ESU for Microsoft Windows 7-->MsiExec.exe /I{A97F763F-3563-437E-85F9-135314D6FC43}
HP JavaCard for HP ProtectTools-->MsiExec.exe /I{3B84CB71-78CA-4E9B-9167-1B877D60FB97}
HP ProtectTools Security Manager Suite-->C:\Windows\Installer\HPPTSuiteInstallEngine.exe /uninstall=C:\Windows\Installer\09074130.msi
HP ProtectTools Security Manager-->MsiExec.exe /I{0934E41E-D8EE-478A-A540-AE9FAE399D5D}
HP Quick Launch Buttons-->"C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x0005 -removeonly uninst
HP Web Camera-->MsiExec.exe /I{C7AE4EC3-9C13-4213-8457-74D16B353F91}
HP Webcam Driver-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0005 -removeonly
HP Webcam-->C:\ProgramData\Uninstall\{1D61E881-43CD-447B-9E6B-D2C6138B2862}\setup.exe /x {1D61E881-43CD-447B-9E6B-D2C6138B2862}
IDT Audio-->"C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe" -remove -removeonly
IE7Pro-->C:\Program Files\IEPro\uninst.exe
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216026FF}
Kaspersky Security Scan-->MsiExec.exe /I{5D4875F6-89D1-4E9C-B7B9-9164C9D20C9C}
LG Internet Kit-->C:\Program Files\InstallShield Installation Information\{40034B11-149E-4310-AE89-BB575B02525B}\setup.exe -runfromtemp -l0x0005 UNINSTALL -removeonly
LG USB Modem Drivers-->MsiExec.exe /I{FA02ACAC-9E14-4878-A257-92A22A647C2C}
LSI HDA Modem-->C:\Windows\agrsmdel
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 4.0.1 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Need for Speed Underground 2-->C:\Program Files\EA GAMES\Need for Speed Underground 2\EAUninstall.exe
PDF Complete Special Edition-->C:\Program Files\PDF Complete\uninstall.exe
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Polda V-->"C:\Windows\UNISTB32.EXE" /U "C:\Program Files\Polda 5\UNINST0.000" "C:\Program Files\Polda 5\UNINST1.000"
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
ProgSense-->"C:\Program Files\ProgSense\unins000.exe"
QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Skype Toolbars-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.3-->MsiExec.exe /X{5335DADB-34BA-4AE8-A519-648D78498846}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Synaptics Gesture Suite featuring SYNAPTICS | Scrybe-->MsiExec.exe /X{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
The Matrix - Path of Neo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E571E8B1-9771-465D-9DE0-3BA2D1BDAE99}\setup.exe" -l0x9 -removeonly
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 1.1.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WinRAR 4.01 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
WinZip 15.5-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240C2}
ZipX verze 1.6-->"C:\Program Files\ZipX\unins000.exe"

======Hosts File======

127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com

======System event log======

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Distributed Link Tracking Client byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Security Center byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Desktop Window Manager Session Manager byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Diagnostic Policy Service byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Microsoft Software Shadow Copy Provider byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247D28-05
Event Code: 900
Message: Služba Ochrana softwaru se spouští.

Record Number: 5
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20110407104410.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20110407104156.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20110407104152.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110407104149.221698-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247D28-05
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110407104149.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247D28-05
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110407104127.319260-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110407104127.303660-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x35a19
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110407104127.054060-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110407104125.478457-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110407104125.431657-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\ActivIdentity\ActivClient\;C:\Program Files\Hewlett-Packard\IAM\bin;C:\Program Files\Broadcom\Broadcom 802.11\Driver;C:\Program Files\Common Files\Teleca Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 6 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0602

-----------------EOF-----------------

Tak tady je info =)

Re: Facebook Chat Vir (Log)

Napsal: 21 srp 2011 16:41
od Caroprd111
:arrow: Doporučuji odinstalovat Ad-Aware.

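:arrow: Znovu spusťte OTL a do spodního bílého okna vložte následující skript. Poté klikněte na Opravit; PC se restartuje a výsledný log vložte sem. Skript cílí na služby a položky Run spouštěné ze složek C:\Windows\update.* (soubory pojmenované svchost.exe mimo System32) a ze souborů C:\Windows\l1rezerv.exe a C:\Windows\sysdriver32.exe a dále na Ask Toolbar; příkaz [RESETHOSTS] obnoví soubor hosts, ve kterém je nyní facebook.com přesměrován na 127.0.0.1, a [CLEARALLRESTOREPOINTS] smaže dosavadní body obnovení.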


:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

:OTL
MOD - [2011.08.20 13:36:01 | 000,232,960 | ---- | M] () -- C:\Windows\l1rezerv.exe
MOD - [2011.08.19 23:53:43 | 001,215,488 | ---- | M] () -- C:\Windows\update.tray-2-0\svchost.exe
SRV - [2011.08.20 13:35:21 | 000,348,672 | ---- | M] () [Auto | Running] -- C:\Windows\update.5.0\svchost.exe -- (srvbtcclient)
SRV - [2011.08.20 13:34:24 | 000,632,832 | ---- | M] () [Auto | Running] -- C:\Windows\update.2\svchost.exe -- (srviecheck)
SRV - [2011.08.20 13:33:49 | 000,382,464 | ---- | M] () [Auto | Running] -- C:\Windows\update.7.1\svchostdriver.exe -- (ddservice)
SRV - [2011.08.20 13:29:52 | 000,258,048 | ---- | M] () [Auto | Running] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)
SRV - [2011.08.19 23:53:43 | 001,215,488 | ---- | M] () [Auto | Running] -- C:\Windows\update.1\svchost.exe -- (wxpdrivers)
IE - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=PTF&o=15507&locale=en_EU&apn_uid=8CF28322-B529-4C46-BDC3-6CBFFCCDDA43&apn_ptnrs=LJ&apn_sauid=5DF3D3B5-EB30-47C0-AAEB-3FFDD2EADBB4&apn_dtid=YYYYYYYYCZ&q="
[2011.08.19 23:54:44 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\vxll5oq5.default\extensions\toolbar@ask.com
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1902724176-3205514061-4035515947-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [4282020.exe] File not found
O4 - HKLM..\Run: [57868644-loader2.exe] File not found
O4 - HKLM..\Run: [6084512.exe] File not found
O4 - HKLM..\Run: [6097584.exe] C:\Windows\Temp\6097584.exe ()
O4 - HKLM..\Run: [8304816.exe] File not found
O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()
O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] File not found
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-2-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [wxpdrv] File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
[2011.08.20 13:37:35 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011.08.20 13:37:35 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer
[2011.08.20 13:37:35 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011.08.20 13:35:22 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.08.20 13:34:25 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.08.20 13:33:50 | 000,000,000 | -H-D | C] -- C:\Windows\update.7.1
[2011.08.20 13:29:39 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.08.20 00:04:29 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.08.20 00:04:28 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0-lnk
[2011.08.20 00:04:28 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0
[2011.08.20 13:37:34 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011.08.20 13:37:34 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011.08.20 13:37:34 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.08.20 13:37:34 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011.08.20 13:36:38 | 000,000,179 | ---- | M] () -- C:\Windows\info1
[2011.08.20 13:36:01 | 000,232,960 | ---- | M] () -- C:\Windows\l1rezerv.exe
[2011.08.20 13:31:42 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.08.20 13:30:24 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011.08.20 13:29:52 | 000,258,048 | ---- | M] () -- C:\Windows\sysdriver32.exe
[2011.08.20 19:31:39 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011.08.20 19:31:20 | 000,001,298 | -H-- | C] () -- C:\aaw7boot.cmd
[2011.08.20 13:37:34 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011.08.20 13:37:34 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011.08.20 13:37:34 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011.08.20 13:36:05 | 000,232,960 | ---- | C] () -- C:\Windows\l1rezerv.exe
[2011.08.20 13:33:50 | 000,000,179 | ---- | C] () -- C:\Windows\info1
[2011.08.20 13:31:43 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011.08.20 13:31:42 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011.08.20 13:31:42 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011.08.20 13:30:12 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011.08.20 13:29:55 | 000,258,048 | ---- | C] () -- C:\Windows\sysdriver32.exe
[2011.08.02 04:50:24 | 000,386,923 | ---- | C] () -- C:\Windows\KMSAct.exe

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Uživatel\Downloads\Flash-Player.exe" =-
"C:\Windows\update.1\svchost.exe" =-
"C:\Windows\update.tray-2-0\svchost.exe" =-
"C:\Windows\update.2\svchost.exe" =-