Crashing computer

Posted: 14 Sep 2011 18:29
by gekom1
Hello, the computer is quite slow and crashes often (bluescreen). Please check the log and help. Thank you.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2011-09-14 19:27:00
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 54 GB (18%) free of 305 GB
Total RAM: 3325 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:05, on 14.9.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aktualne.cz/?ms=ae
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystart.com?pr=photopos2_0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=bf&s={searchTerms}&f=4
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Poskytovatel aplikace Windows Internet Explorer: Aktuálně.cz
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll
O2 - BHO: ShowBarObj Class - {2863E737-DD3F-4280-9AF8-E9E79C16F312} - C:\Program Files\MusicFrost\Music Frost Toolbar\MinBHO.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll
O2 - BHO: HelloWorldBHO - {657E195F-066D-435C-92DB-7C261E6FE832} - C:\Program Files\MusicFrost\Music Frost Toolbar\MFSearch.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll
O3 - Toolbar: MFSearch - {657E195F-066D-435C-92DB-7C261E6FE832} - C:\Program Files\MusicFrost\Music Frost Toolbar\MFSearch.dll
O3 - Toolbar: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Philips Device Listener] "C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Morpheus Music\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Windows\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Centrum.cz - {1D9C7226-B1D8-46B5-B8DB-F06E6F1DC087} - http://www.centrum.cz (file missing) (HKCU)
O9 - Extra button: Supermapy - {2E7ABEEB-D132-473F-88DB-DB340A072EDB} - http://www.supermapy.cz (file missing) (HKCU)
O9 - Extra button: Bleskově - {5B83376F-5952-4C8C-9B5B-FDB51FD89055} - http://www.bleskove.cz (file missing) (HKCU)
O9 - Extra button: Počasí - {A6287042-F897-42EF-8DE1-18AC69D079F1} - http://pocasi.centrum.cz (file missing) (HKCU)
O9 - Extra button: Žena.cz - {B1E6D091-0086-436B-ACCB-998DA98FA21D} - http://www.zena.cz (file missing) (HKCU)
O9 - Extra button: Aktuálně - {B9BAD5E6-450F-443D-946F-CCCBABE989C8} - http://aktualne.centrum.cz (file missing) (HKCU)
O9 - Extra button: Stahuj.cz - {BEA9768F-48AE-422B-A711-12FF0479BD0D} - http://www.stahuj.cz (file missing) (HKCU)
O9 - Extra button: Xchat.cz - {E590373A-FB8E-485A-BCF9-1F9C0B8F7287} - http://www.xchat.cz (file missing) (HKCU)
O9 - Extra button: Slovníky - {F30610C7-23C3-4898-B5D6-7B9927BC8003} - http://slovniky.centrum.cz (file missing) (HKCU)
O9 - Extra button: Fotoalba - {F6F3D251-8CF4-4B85-AA51-1E0D84132FED} - http://www.fotoalba.cz (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {320BF8A9-57F9-4061-A13B-35CB56A87C48} (SafePrint2) - http://www.editionglobalmusic.com/SafePrint.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - https://register.creative.com/register/ ... tNoMFC.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate1c9f822e2d7812d) (gupdate1c9f822e2d7812d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

--
End of file - 13486 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3986875297-340200409-3094631514-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3986875297-340200409-3094631514-1000UA.job
C:\Windows\tasks\Norton Security Scan for Jirka.job
C:\Windows\tasks\SpeedOptimizer Startup.job
C:\Windows\tasks\User_Feed_Synchronization-{1DEDDC81-4969-48BD-8D06-32460024C50B}.job
C:\Windows\tasks\User_Feed_Synchronization-{6BB5D357-3322-4BA2-8AA1-3C848DF155E9}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\hk5h09ep.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "BSToolbar@toolbarnet.com:1.0.0.5, DTToolbar@toolbarnet.com:1.0.0.5, {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.1, dealio@mybrowserbar.com:4.0.2, searchsettings@spigot.com:1.2.3, radiobar@toolbar:1.0.0, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, vshare@toolbar:1.0.0, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, ffxtlbr@Facemoods.com:1.2.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.3.1&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG10\Firefox4\
"{27182e60-b5f3-411c-b545-b44205977502}"=C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=13]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.1601.7122\npCIDetect13.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1864]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1924]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.857]
"Description"=6.0.12.857
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
npbittorrent.dll
npdeploytk.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
QuickTimePlugin.class
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
yahoo.xml

C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\hk5h09ep.default\extensions\
plugin3@gameplaylabs.com
radiobar@toolbar
vshare@toolbar
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{0b38152b-1b20-484d-a11f-5e04a9b0661f}
{20a82645-c095-46ed-80e3-08825760534b}
{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\hk5h09ep.default\searchplugins\
icq-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
MFGSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2863E737-DD3F-4280-9AF8-E9E79C16F312}]
ShowBarObj Class - C:\Program Files\MusicFrost\Music Frost Toolbar\MinBHO.dll [2011-02-10 220672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2011-08-05 2274144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}]
PhotoPos Toolbar - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll [2009-09-30 91584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{657E195F-066D-435C-92DB-7C261E6FE832}]
MFSearch - C:\Program Files\MusicFrost\Music Frost Toolbar\MFSearch.dll [2011-04-13 1734656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{657E195F-066D-435C-92DB-7C261E6FE832} - MFSearch - C:\Program Files\MusicFrost\Music Frost Toolbar\MFSearch.dll [2011-04-13 1734656]
{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - PhotoPos Toolbar - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll [2009-09-30 91584]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-07-28 9398888]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2011-04-18 2334560]
"facemoods"=C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe [2010-10-26 323584]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"Philips Device Listener"=C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2010-12-07 380416]
"HTC Sync Loader"=C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-04-26 593920]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 336384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-28 39408]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"Google Update"=C:\Users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-01 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Users\Jirka\Program Files\DNA\btdna.exe [2009-11-07 323392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dream Desktop Agent]
C:\Program Files\Dream Desktop Agent\dreamdesktop.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet]
C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe [2008-08-19 1795656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-01 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
~C:\Program Files\ICQ7.2\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\Windows\KHALMNPR.EXE [2008-02-29 76304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Connectivity Suite]
C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe /startoptions []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-11-20 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe [2010-11-06 2975640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC-Checkup]
C:\Program Files\Speeditup Free\PCCheckup\PCCheckUp.exe [2007-08-02 3965440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-03-15 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
c:\program files\quicktime\qttask.exe [2008-05-13 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTBatteryMeter]
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe [2003-01-16 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-07-28 9398888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\Dealio Toolbar\SearchSettings.exe [2011-02-21 975360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
C:\Program Files\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedItUpEX]
C:\Program Files\Speeditup Free\SpeedItUp.exe [2009-06-28 2274816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 336384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\SweetIM\Messenger\SweetIM.exe [2008-11-17 111928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-28 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\System]
C:\Users\Jirka\Music\lst.exe [2010-03-06 10752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DualCoreCenter.lnk]
C:\PROGRA~1\MSI\DUALCO~1\STARTU~1.EXE [2007-09-27 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-01-02 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2008-12-29 91440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2008-05-02 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\2.0.181\SSScheduler.exe [2010-01-15 255536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Neuratron AudioScore Input Assistant.lnk]
C:\PROGRA~1\NEURAT~1\AUDIOS~1.EXE [2006-05-16 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Service Manager.lnk]
C:\PROGRA~1\MI6841~1\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jirka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk]
C:\Users\Jirka\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe [2011-01-28 1257184]

C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"vidc.DIVX"=DivX.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2011-09-14 19:21:04 ----D---- C:\rsit
2011-09-14 17:56:01 ----D---- C:\Program Files\Ultimate Process Manager
2011-09-14 15:43:46 ----D---- C:\Program Files\Red orchestra
2011-09-12 08:42:43 ----A---- C:\Windows\system32\wininet.dll
2011-09-12 08:42:43 ----A---- C:\Windows\system32\urlmon.dll
2011-09-12 08:42:43 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-09-12 08:42:43 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-09-12 08:42:43 ----A---- C:\Windows\system32\msrating.dll
2011-09-12 08:42:43 ----A---- C:\Windows\system32\msls31.dll
2011-09-12 08:42:43 ----A---- C:\Windows\system32\mshtmler.dll
2011-09-12 08:42:43 ----A---- C:\Windows\system32\jsproxy.dll
2011-09-12 08:42:43 ----A---- C:\Windows\system32\ieui.dll
2011-09-12 08:42:43 ----A---- C:\Windows\system32\iesysprep.dll
2011-09-12 08:42:43 ----A---- C:\Windows\system32\iertutil.dll
2011-09-12 08:42:42 ----A---- C:\Windows\system32\ieframe.dll
2011-09-12 08:42:42 ----A---- C:\Windows\system32\ieapfltr.dll
2011-09-12 08:42:42 ----A---- C:\Windows\system32\ieapfltr.dat
2011-09-12 08:42:42 ----A---- C:\Windows\system32\ie4uinit.exe
2011-09-12 08:42:42 ----A---- C:\Windows\system32\icardie.dll
2011-09-12 08:42:42 ----A---- C:\Windows\system32\dxtrans.dll
2011-09-12 08:42:42 ----A---- C:\Windows\system32\dxtmsft.dll
2011-09-12 08:42:41 ----A---- C:\Windows\system32\wextract.exe
2011-09-12 08:42:41 ----A---- C:\Windows\system32\webcheck.dll
2011-09-12 08:42:41 ----A---- C:\Windows\system32\url.dll
2011-09-12 08:42:41 ----A---- C:\Windows\system32\mshtmled.dll
2011-09-12 08:42:41 ----A---- C:\Windows\system32\msfeeds.dll
2011-09-12 08:42:41 ----A---- C:\Windows\system32\licmgr10.dll
2011-09-12 08:42:41 ----A---- C:\Windows\system32\inseng.dll
2011-09-12 08:42:41 ----A---- C:\Windows\system32\iexpress.exe
2011-09-12 08:42:41 ----A---- C:\Windows\system32\iesetup.dll
2011-09-12 08:42:41 ----A---- C:\Windows\system32\iernonce.dll
2011-09-12 08:42:41 ----A---- C:\Windows\system32\iedkcs32.dll
2011-09-12 08:42:40 ----A---- C:\Windows\system32\vbscript.dll
2011-09-12 08:42:40 ----A---- C:\Windows\system32\pngfilt.dll
2011-09-12 08:42:40 ----A---- C:\Windows\system32\occache.dll
2011-09-12 08:42:40 ----A---- C:\Windows\system32\mshtml.dll
2011-09-12 08:42:40 ----A---- C:\Windows\system32\mshta.exe
2011-09-12 08:42:40 ----A---- C:\Windows\system32\ieUnatt.exe
2011-09-12 08:42:40 ----A---- C:\Windows\system32\ieakui.dll
2011-09-12 08:42:40 ----A---- C:\Windows\system32\ieaksie.dll
2011-09-12 08:42:40 ----A---- C:\Windows\system32\admparse.dll
2011-09-12 08:42:39 ----A---- C:\Windows\system32\msfeedssync.exe
2011-09-12 08:42:39 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-09-12 08:42:39 ----A---- C:\Windows\system32\jscript9.dll
2011-09-12 08:42:39 ----A---- C:\Windows\system32\jscript.dll
2011-09-12 08:42:39 ----A---- C:\Windows\system32\imgutil.dll
2011-09-12 08:42:39 ----A---- C:\Windows\system32\iepeers.dll
2011-09-12 08:42:39 ----A---- C:\Windows\system32\ieakeng.dll
2011-09-12 08:42:39 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-09-12 08:42:39 ----A---- C:\Windows\system32\advpack.dll
2011-09-12 08:40:34 ----A---- C:\Windows\system32\gpprefcl.dll
2011-09-11 08:52:23 ----D---- C:\ProgramData\ATI
2011-09-11 08:52:20 ----D---- C:\Program Files\AMD APP
2011-09-11 08:51:39 ----D---- C:\ProgramData\AMD
2011-09-11 08:51:00 ----A---- C:\Windows\system32\drivers\amdiox86.sys
2011-09-09 13:27:19 ----D---- C:\Program Files\Black_Box
2011-09-09 13:14:53 ----D---- C:\Program Files\Microsoft
2011-09-09 13:14:51 ----D---- C:\Program Files\MSN Toolbar
2011-09-09 13:12:12 ----D---- C:\Program Files\Bing Bar Installer
2011-09-05 15:01:15 ----A---- C:\Windows\system32\XpsPrint.dll
2011-09-05 09:57:43 ----D---- C:\Program Files\Windows Portable Devices
2011-09-05 08:57:46 ----D---- C:\Users\Jirka\AppData\Roaming\Tropico 4
2011-09-05 08:56:29 ----D---- C:\Users\Jirka\AppData\Roaming\Kalypso Media
2011-09-05 07:21:45 ----A---- C:\Windows\system32\UIAnimation.dll
2011-09-05 07:21:44 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-09-05 07:21:44 ----A---- C:\Windows\system32\UIRibbon.dll
2011-09-05 07:21:09 ----A---- C:\Windows\system32\WMPhoto.dll
2011-09-05 07:21:08 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2011-09-05 07:21:08 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-09-05 07:21:08 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2011-09-05 07:21:08 ----A---- C:\Windows\system32\dxdiagn.dll
2011-09-05 07:21:08 ----A---- C:\Windows\system32\dxdiag.exe
2011-09-05 07:21:07 ----A---- C:\Windows\system32\d3d11.dll
2011-09-05 07:20:38 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2011-09-05 07:20:38 ----A---- C:\Windows\system32\wpdbusenum.dll
2011-09-05 07:20:38 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2011-09-05 07:20:37 ----A---- C:\Windows\system32\WpdMtpUS.dll
2011-09-05 07:20:37 ----A---- C:\Windows\system32\WpdConns.dll
2011-09-05 07:20:37 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2011-09-05 07:20:37 ----A---- C:\Windows\system32\drivers\WpdUsb.sys
2011-09-05 07:20:36 ----A---- C:\Windows\system32\WPDSp.dll
2011-09-05 07:20:36 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2011-09-05 07:20:36 ----A---- C:\Windows\system32\wpdshext.dll
2011-09-05 07:20:36 ----A---- C:\Windows\system32\WpdMtp.dll
2011-09-05 07:20:36 ----A---- C:\Windows\system32\wpd_ci.dll
2011-09-05 07:20:36 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2011-09-05 07:20:36 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2011-09-05 07:20:36 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2011-09-05 07:20:36 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-09-05 07:19:47 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-09-05 07:19:47 ----A---- C:\Windows\system32\oleaccrc.dll
2011-09-05 07:19:47 ----A---- C:\Windows\system32\oleacc.dll
2011-09-04 14:15:37 ----A---- C:\Windows\system32\winsrv.dll
2011-09-04 14:15:32 ----A---- C:\Windows\system32\MFH264Dec.dll
2011-09-04 14:15:31 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-09-04 14:15:31 ----A---- C:\Windows\system32\dxgi.dll
2011-09-04 14:15:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-09-04 14:15:29 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-09-04 14:15:29 ----A---- C:\Windows\system32\mfmp4src.dll
2011-09-04 14:15:29 ----A---- C:\Windows\system32\MFHEAACdec.dll
2011-09-04 14:15:28 ----A---- C:\Windows\system32\stobject.dll
2011-09-04 14:15:28 ----A---- C:\Windows\system32\shdocvw.dll
2011-09-04 14:15:28 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2011-09-04 14:15:28 ----A---- C:\Windows\system32\mfplat.dll
2011-09-04 14:15:28 ----A---- C:\Windows\system32\mf.dll
2011-09-04 14:15:28 ----A---- C:\Windows\system32\cdd.dll
2011-09-04 14:15:27 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2011-09-04 14:15:27 ----A---- C:\Windows\system32\mfps.dll
2011-09-04 14:15:12 ----A---- C:\Windows\system32\tzres.dll
2011-09-04 14:15:05 ----A---- C:\Windows\system32\FntCache.dll
2011-09-04 14:15:05 ----A---- C:\Windows\system32\d3d10warp.dll
2011-09-04 14:15:05 ----A---- C:\Windows\system32\d3d10_1.dll
2011-09-04 14:15:05 ----A---- C:\Windows\system32\d3d10.dll
2011-09-04 14:15:05 ----A---- C:\Windows\system32\d2d1.dll
2011-09-04 14:15:04 ----A---- C:\Windows\system32\xpsservices.dll
2011-09-04 14:15:04 ----A---- C:\Windows\system32\DWrite.dll
2011-09-04 14:15:04 ----A---- C:\Windows\system32\d3d10level9.dll
2011-09-04 14:15:04 ----A---- C:\Windows\system32\d3d10core.dll
2011-09-04 14:15:04 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-09-04 14:15:03 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-09-04 14:15:03 ----A---- C:\Windows\system32\OpcServices.dll
2011-09-04 14:14:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-09-04 14:14:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-09-04 14:14:28 ----A---- C:\Windows\system32\xmllite.dll
2011-09-04 14:14:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-09-04 14:11:29 ----A---- C:\Windows\system32\msshsq.dll
2011-09-04 08:59:07 ----D---- C:\Windows\system32\vi-VN
2011-09-04 08:59:07 ----D---- C:\Windows\system32\eu-ES
2011-09-04 08:59:07 ----D---- C:\Windows\system32\ca-ES
2011-09-04 08:01:49 ----D---- C:\Windows\system32\EventProviders
2011-08-30 12:01:20 ----D---- C:\Users\Jirka\AppData\Roaming\My Battle for Middle-earth Files
2011-08-28 10:45:14 ----SHD---- C:\found.000
2011-08-26 20:14:29 ----D---- C:\Users\Jirka\AppData\Roaming\dvdcss
2011-08-16 15:03:47 ----D---- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2011-08-15 14:46:08 ----D---- C:\divx

======List of files/folders modified in the last 1 month======

2011-09-14 19:27:03 ----D---- C:\Program Files\Trend Micro
2011-09-14 19:27:02 ----D---- C:\Windows\TEMP
2011-09-14 19:22:56 ----D---- C:\Windows\System32
2011-09-14 19:22:56 ----D---- C:\Windows\inf
2011-09-14 19:22:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-14 19:21:09 ----D---- C:\Windows\Prefetch
2011-09-14 19:19:31 ----D---- C:\Windows\Tasks
2011-09-14 19:16:51 ----D---- C:\Program Files\Common Files\Akamai
2011-09-14 19:16:34 ----D---- C:\Windows\Minidump
2011-09-14 19:16:25 ----D---- C:\Windows
2011-09-14 19:12:32 ----SHD---- C:\System Volume Information
2011-09-14 17:56:01 ----D---- C:\Program Files
2011-09-14 17:33:22 ----D---- C:\Windows\system32\drivers\AVG
2011-09-14 16:29:37 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-09-14 10:03:47 ----D---- C:\Program Files\Common Files\BioWare
2011-09-14 10:02:13 ----HD---- C:\ProgramData
2011-09-14 10:00:33 ----D---- C:\Program Files\EA GAMES
2011-09-13 23:04:22 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2011-09-13 21:39:31 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2011-09-12 14:55:24 ----D---- C:\Windows\system32\Tasks
2011-09-12 13:50:34 ----D---- C:\Windows\rescache
2011-09-12 13:33:13 ----D---- C:\Windows\system32\cs-CZ
2011-09-12 13:33:12 ----D---- C:\Program Files\Internet Explorer
2011-09-12 13:33:07 ----RD---- C:\Windows\Offline Web Pages
2011-09-12 13:33:07 ----D---- C:\Windows\system32\wbem
2011-09-12 13:33:07 ----D---- C:\Windows\system32\migration
2011-09-12 13:33:07 ----D---- C:\Windows\system32\en-US
2011-09-12 13:33:07 ----D---- C:\Windows\PolicyDefinitions
2011-09-12 13:32:55 ----SD---- C:\Windows\Downloaded Program Files
2011-09-12 12:25:28 ----RSD---- C:\Windows\assembly
2011-09-12 12:25:28 ----D---- C:\Windows\Microsoft.NET
2011-09-12 08:43:40 ----SHD---- C:\Windows\Installer
2011-09-12 08:43:16 ----D---- C:\Windows\winsxs
2011-09-12 08:43:14 ----D---- C:\Windows\system32\catroot
2011-09-12 08:43:13 ----D---- C:\Windows\system32\catroot2
2011-09-12 08:42:56 ----D---- C:\Windows\Logs
2011-09-11 08:51:37 ----D---- C:\Windows\system32\drivers
2011-09-11 08:50:56 ----D---- C:\Program Files\ATI Technologies
2011-09-09 13:26:56 ----D---- C:\Windows\system32\directx
2011-09-09 13:26:53 ----HD---- C:\Windows\msdownld.tmp
2011-09-09 13:14:55 ----SD---- C:\ProgramData\Microsoft
2011-09-09 13:11:52 ----D---- C:\temp
2011-09-09 12:15:24 ----D---- C:\Program Files\Ubisoft
2011-09-08 20:05:08 ----D---- C:\Program Files\Mozilla Firefox
2011-09-08 18:50:10 ----D---- C:\Program Files\Electronic Arts
2011-09-08 07:02:06 ----A---- C:\Windows\win.ini
2011-09-05 09:57:44 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-09-05 09:57:40 ----D---- C:\Windows\system32\zh-HK
2011-09-05 09:57:40 ----D---- C:\Windows\system32\uk-UA
2011-09-05 09:57:40 ----D---- C:\Windows\system32\tr-TR
2011-09-05 09:57:40 ----D---- C:\Windows\system32\th-TH
2011-09-05 09:57:40 ----D---- C:\Windows\system32\sv-SE
2011-09-05 09:57:40 ----D---- C:\Windows\system32\sr-Latn-CS
2011-09-05 09:57:40 ----D---- C:\Windows\system32\sl-SI
2011-09-05 09:57:40 ----D---- C:\Windows\system32\pt-PT
2011-09-05 09:57:40 ----D---- C:\Windows\system32\pt-BR
2011-09-05 09:57:40 ----D---- C:\Windows\system32\pl-PL
2011-09-05 09:57:40 ----D---- C:\Windows\system32\nl-NL
2011-09-05 09:57:40 ----D---- C:\Windows\system32\ko-KR
2011-09-05 09:57:40 ----D---- C:\Windows\system32\it-IT
2011-09-05 09:57:40 ----D---- C:\Windows\system32\hu-HU
2011-09-05 09:57:40 ----D---- C:\Windows\system32\hr-HR
2011-09-05 09:57:40 ----D---- C:\Windows\system32\he-IL
2011-09-05 09:57:40 ----D---- C:\Windows\system32\fr-FR
2011-09-05 09:57:40 ----D---- C:\Windows\system32\fi-FI
2011-09-05 09:57:40 ----D---- C:\Windows\system32\el-GR
2011-09-05 09:57:40 ----D---- C:\Windows\system32\bg-BG
2011-09-05 09:57:39 ----D---- C:\Windows\system32\zh-TW
2011-09-05 09:57:39 ----D---- C:\Windows\system32\zh-CN
2011-09-05 09:57:39 ----D---- C:\Windows\system32\sk-SK
2011-09-05 09:57:39 ----D---- C:\Windows\system32\ru-RU
2011-09-05 09:57:39 ----D---- C:\Windows\system32\ro-RO
2011-09-05 09:57:39 ----D---- C:\Windows\system32\nb-NO
2011-09-05 09:57:39 ----D---- C:\Windows\system32\lv-LV
2011-09-05 09:57:39 ----D---- C:\Windows\system32\lt-LT
2011-09-05 09:57:39 ----D---- C:\Windows\system32\ja-JP
2011-09-05 09:57:39 ----D---- C:\Windows\system32\et-EE
2011-09-05 09:57:39 ----D---- C:\Windows\system32\es-ES
2011-09-05 09:57:39 ----D---- C:\Windows\system32\de-DE
2011-09-05 09:57:39 ----D---- C:\Windows\system32\da-DK
2011-09-05 09:57:39 ----D---- C:\Windows\system32\ar-SA
2011-09-05 09:57:38 ----RSD---- C:\Windows\Fonts
2011-09-05 09:57:37 ----D---- C:\Program Files\Windows Mail
2011-09-05 09:57:20 ----D---- C:\Windows\system32\drivers\UMDF
2011-09-05 08:45:53 ----D---- C:\Program Files\Kalypso Media
2011-09-05 08:01:31 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2011-09-04 09:08:35 ----SHD---- C:\Boot
2011-09-04 08:59:33 ----D---- C:\Program Files\Windows Sidebar
2011-09-04 08:59:33 ----D---- C:\Program Files\Windows Media Player
2011-09-04 08:59:33 ----D---- C:\Program Files\Windows Calendar
2011-09-04 08:59:33 ----D---- C:\Program Files\Movie Maker
2011-09-04 08:59:32 ----D---- C:\Windows\servicing
2011-09-04 08:59:32 ----D---- C:\Program Files\Windows Photo Gallery
2011-09-04 08:59:32 ----D---- C:\Program Files\Windows Journal
2011-09-04 08:59:32 ----D---- C:\Program Files\Windows Defender
2011-09-04 08:59:32 ----D---- C:\Program Files\Windows Collaboration
2011-09-04 08:59:32 ----D---- C:\Program Files\Common Files\System
2011-09-04 08:59:29 ----D---- C:\Windows\system32\XPSViewer
2011-09-04 08:59:29 ----D---- C:\Windows\system32\oobe
2011-09-04 08:59:29 ----D---- C:\Windows\IME
2011-09-04 08:59:28 ----D---- C:\Windows\system32\setup
2011-09-04 08:59:28 ----D---- C:\Windows\system32\cs
2011-09-04 08:59:28 ----D---- C:\Windows\system32\AdvancedInstallers
2011-09-04 08:59:27 ----D---- C:\Windows\system32\SLUI
2011-09-04 08:59:27 ----D---- C:\Windows\system32\manifeststore
2011-09-04 08:59:21 ----D---- C:\Windows\system32\migwiz
2011-09-04 08:59:11 ----D---- C:\Windows\AppPatch
2011-09-04 08:59:07 ----D---- C:\Windows\system32\Boot
2011-09-04 08:57:35 ----D---- C:\Windows\system32\RTCOM
2011-09-04 08:15:13 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont
2011-09-04 07:54:23 ----D---- C:\Program Files\Microsoft Office
2011-08-24 10:59:00 ----D---- C:\Program Files\Common Files\Steam
2011-08-24 07:44:13 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-24 07:43:28 ----D---- C:\Program Files\Activision
2011-08-16 15:03:45 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-08-16 14:36:35 ----D---- C:\Program Files\EA SPORTS
2011-08-16 14:26:50 ----D---- C:\Program Files\LucasArts
2011-08-15 14:45:01 ----D---- C:\Users\Jirka\AppData\Roaming\DivX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 7680]
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
R0 FTT3;FTT3; C:\Windows\system32\DRIVERS\FTT3.sys [2007-08-16 155792]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-06 721904]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-03-01 34896]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2011-04-05 297168]
R1 oreans32;oreans32; \??\C:\Windows\system32\drivers\oreans32.sys [2009-01-21 33952]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-03-14 46652]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-08-09 281760]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-08-09 25888]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-29 8396800]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-28 247296]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 134480]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 28624]
R3 DynCal;Dynamic Calibration Service; C:\Windows\system32\drivers\Dyncal.sys [2003-11-14 8192]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2011-03-02 15664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-07-28 3154920]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 nvmd;Neuratron Ltd - Virtual Midi Port SvcDesc(WDM); C:\Windows\system32\drivers\nvmd2k.sys [2006-02-08 7680]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2010-05-24 204448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-03-22 262176]
R3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\Windows\system32\drivers\srs_sscfilter.sys [2006-10-09 34048]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-29 8396800]
S3 ax5t4hpq;ax5t4hpq; C:\Windows\system32\drivers\ax5t4hpq.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [2007-04-17 28160]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-05-29 27672]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k750mdfl.sys [2005-07-07 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k750mdm.sys [2005-07-07 89872]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k750obex.sys [2005-07-07 79488]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys [2007-10-18 51200]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-28 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 291840]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-03-31 80896]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-04-02 75136]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9f822e2d7812d;Služba Google Update (gupdate1c9f822e2d7812d); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-28 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-28 183280]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-28 133104]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
S4 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
S4 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S4 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-05-02 121360]
S4 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S4 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
S4 SRS Labs License Service;SRS Labs License Service; C:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe [2009-08-20 72704]

-----------------EOF-----------------

Re: Crashing computer

Posted: 14 Sep 2011 19:06
by Rudy
Hello!
There is at least adware on it. Please post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after launch, a screen with the license terms appears; continue by clicking the Ano (Yes) button.

Take your time and put the kettle on for a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use anti-spyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted collisions with the anti-spyware's resident component.

Re: Crashing computer

Posted: 14 Sep 2011 20:40
by gekom1
Is it normal that ComboFix is still working? It has been preparing the log for almost an hour...

Re: Crashing computer

Posted: 14 Sep 2011 20:54
by Rudy
An hour is quite a long time. If you cannot find the log in C:\combofix.txt, restart the PC and try a new scan in Safe Mode.

Re: Crashing computer

Posted: 14 Sep 2011 21:57
by gekom1
ComboFix 11-09-14.02 - Jirka 14.09.2011 22:33:19.3.2 - x86 MINIMAL
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.3325.2762 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-14 do 2011-09-14 )))))))))))))))))))))))))))))))
.
.
2011-09-14 20:44 . 2011-09-14 20:44 -------- d-----w- c:\users\Máťa\AppData\Local\temp
2011-09-14 20:44 . 2011-09-14 20:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-14 20:44 . 2011-09-14 20:44 -------- d-----w- c:\users\Blani\AppData\Local\temp
2011-09-14 17:21 . 2011-09-14 17:21 -------- d-----w- C:\rsit
2011-09-14 15:56 . 2011-09-14 17:11 -------- d-----w- c:\program files\Ultimate Process Manager
2011-09-14 13:43 . 2011-09-14 15:21 -------- d-----w- c:\program files\Red orchestra
2011-09-12 06:40 . 2009-06-03 23:56 675152 ----a-w- c:\windows\system32\gpprefcl.dll
2011-09-12 06:13 . 2011-09-12 06:13 -------- d-----w- c:\users\Blani\AppData\Local\AMD
2011-09-11 06:52 . 2011-09-11 06:52 -------- d-----w- c:\users\Jirka\AppData\Local\AMD
2011-09-11 06:52 . 2011-09-11 06:52 -------- d-----w- c:\programdata\ATI
2011-09-11 06:52 . 2011-09-11 06:52 -------- d-----w- c:\program files\AMD APP
2011-09-11 06:51 . 2011-09-11 06:51 -------- d-----w- c:\programdata\AMD
2011-09-11 06:51 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2011-09-09 11:27 . 2011-09-09 11:27 -------- d-----w- c:\program files\Black_Box
2011-09-09 11:14 . 2011-09-09 11:14 -------- d-----w- c:\program files\Microsoft
2011-09-09 11:14 . 2011-09-09 11:14 -------- d-----w- c:\program files\MSN Toolbar
2011-09-09 11:12 . 2011-09-09 11:15 -------- d-----w- c:\program files\Bing Bar Installer
2011-09-05 13:01 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-09-05 07:57 . 2011-09-05 07:57 -------- d-----w- c:\program files\Windows Portable Devices
2011-09-05 06:57 . 2011-09-13 05:35 -------- d-----w- c:\users\Jirka\AppData\Roaming\Tropico 4
2011-09-05 06:56 . 2011-09-05 06:56 -------- d-----w- c:\users\Jirka\AppData\Roaming\Kalypso Media
2011-09-05 05:21 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-09-05 05:21 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-09-05 05:21 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-09-05 05:21 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-09-05 05:21 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-09-05 05:21 . 2009-09-25 02:07 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-09-05 05:21 . 2009-09-25 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-09-05 05:21 . 2009-09-25 01:33 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-09-05 05:21 . 2009-09-25 01:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-09-05 05:21 . 2009-09-25 01:31 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-09-05 05:19 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-09-05 05:19 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-09-05 05:19 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-04 12:14 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-09-04 12:14 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-09-04 12:14 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-09-04 12:14 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-04 12:11 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-09-04 06:59 . 2011-09-04 06:59 -------- d-----w- c:\windows\system32\ca-ES
2011-09-04 06:59 . 2011-09-04 06:59 -------- d-----w- c:\windows\system32\eu-ES
2011-09-04 06:59 . 2011-09-04 06:59 -------- d-----w- c:\windows\system32\vi-VN
2011-09-04 06:01 . 2011-09-04 06:01 -------- d-----w- c:\windows\system32\EventProviders
2011-08-30 10:01 . 2011-09-14 08:00 -------- d-----w- c:\users\Jirka\AppData\Roaming\My Battle for Middle-earth Files
2011-08-28 08:45 . 2011-08-28 08:45 -------- d-----w- C:\found.000
2011-08-26 18:14 . 2011-08-26 18:14 -------- d-----w- c:\users\Jirka\AppData\Roaming\dvdcss
2011-08-26 05:31 . 2011-09-01 16:09 -------- d-----w- c:\users\Jirka\AppData\Local\dxhr
2011-08-24 09:01 . 2011-08-24 09:01 -------- d-----w- c:\users\Jirka\AppData\Local\28050
2011-08-20 06:43 . 2011-08-22 08:00 -------- d-----w- c:\users\Jirka\AppData\Local\Ubisoft Game Launcher
2011-08-16 13:03 . 2011-08-16 13:03 -------- d-----w- c:\windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-28 22:22 . 2011-07-28 22:22 8396800 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-07-28 21:44 . 2011-07-28 21:44 18388480 ----a-w- c:\windows\system32\atioglxx.dll
2011-07-28 21:40 . 2011-07-28 21:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-28 21:40 . 2011-07-28 21:40 726528 ----a-w- c:\windows\system32\aticfx32.dll
2011-07-28 21:36 . 2011-07-28 21:36 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-28 21:35 . 2011-07-28 21:35 401408 ----a-w- c:\windows\system32\atieclxx.exe
2011-07-28 21:35 . 2011-07-28 21:35 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-07-28 21:34 . 2008-03-29 04:19 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-07-28 21:33 . 2008-03-29 04:18 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-07-28 21:33 . 2011-07-28 21:33 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-07-28 21:33 . 2011-07-28 21:33 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-07-28 21:33 . 2011-07-28 21:33 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-07-28 21:30 . 2011-07-28 21:30 4198912 ----a-w- c:\windows\system32\atidxx32.dll
2011-07-28 21:11 . 2011-07-28 21:11 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-07-28 21:11 . 2011-07-28 21:11 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-07-28 21:11 . 2011-07-28 21:11 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-07-28 21:09 . 2008-03-29 04:05 4256768 ----a-w- c:\windows\system32\atiumdag.dll
2011-07-28 21:07 . 2011-07-28 21:07 8247296 ----a-w- c:\windows\system32\aticaldd.dll
2011-07-28 21:03 . 2011-07-28 21:03 4056064 ----a-w- c:\windows\system32\atiumdva.dll
2011-07-28 21:01 . 2011-07-28 21:01 52736 ----a-w- c:\windows\system32\coinst.dll
2011-07-28 20:54 . 2011-07-28 20:54 266240 ----a-w- c:\windows\system32\atiadlxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-07-28 20:53 . 2011-07-28 20:53 247296 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-07-28 20:53 . 2011-07-28 20:53 31744 ----a-w- c:\windows\system32\atiuxpag.dll
2011-07-28 20:53 . 2011-07-28 20:53 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-07-28 20:52 . 2011-07-28 20:52 37376 ----a-w- c:\windows\system32\atitmpxx.dll
2011-07-28 20:52 . 2011-07-28 20:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2011-07-28 15:49 . 2011-07-28 15:49 53760 ----a-w- c:\windows\system32\OVDecode.dll
2011-07-28 15:48 . 2011-07-28 15:48 43520 ----a-w- c:\windows\system32\OpenCL.dll
2011-07-28 15:48 . 2011-07-28 15:48 13555712 ----a-w- c:\windows\system32\amdocl.dll
2011-07-20 09:05 . 2011-07-20 09:05 6904040 ----a-w- c:\windows\system32\SpoonUninstall.exe
2011-07-06 15:31 . 2011-08-11 06:19 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-09-08 18:05 . 2011-03-24 13:30 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-02-19 1262888]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2009-03-10 2079256]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{657E195F-066D-435C-92DB-7C261E6FE832}]
2011-04-13 12:27 1734656 ----a-w- c:\program files\MusicFrost\Music Frost Toolbar\MFSearch.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{657E195F-066D-435C-92DB-7C261E6FE832}"= "c:\program files\MusicFrost\Music Frost Toolbar\MFSearch.dll" [2011-04-13 1734656]
.
[HKEY_CLASSES_ROOT\clsid\{657e195f-066d-435c-92db-7c261e6fe832}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImpl.1]
[HKEY_CLASSES_ROOT\TypeLib\{B53860A8-B905-4879-876F-EC18E33C623B}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImpl]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-28 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-28 9398888]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"Philips Device Listener"="c:\program files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe" [2010-12-07 380416]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-04-26 593920]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
.
c:\users\Blani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DualCoreCenter.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DualCoreCenter.lnk
backup=c:\windows\pss\DualCoreCenter.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Neuratron AudioScore Input Assistant.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Neuratron AudioScore Input Assistant.lnk
backup=c:\windows\pss\Neuratron AudioScore Input Assistant.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Service Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Service Manager.lnk
backup=c:\windows\pss\Service Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Jirka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk]
path=c:\users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk
backup=c:\windows\pss\GameRanger.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2008-07-22 12:53 77824 ----a-w- c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-12 11:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-11-07 06:23 323392 ----a-w- c:\users\Jirka\Program Files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-07-24 15:02 490952 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet]
2008-08-19 07:47 1795656 ----a-w- c:\program files\FlashGet Network\FlashGet universal\flashget.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2008-10-01 17:37 133104 ----atw- c:\users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-10 19:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-03-30 08:36 267048 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2008-02-29 02:12 76304 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-09 16:53 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
2009-11-20 11:17 106496 ----a-w- c:\program files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
2010-11-06 06:49 2975640 ----a-w- c:\program files\Pando Networks\Media Booster\PMB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC-Checkup]
2007-08-02 00:08 3965440 ----a-w- c:\program files\Speeditup Free\PCCheckUp\PCCheckUp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-03-14 23:50 233472 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-05-13 07:31 413696 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTBatteryMeter]
2003-01-16 10:32 49152 ----a-w- c:\program files\VibrateGameDeviceDriver\rfpicon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-07-28 10:23 9398888 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
2008-08-13 03:49 405504 ----a-w- c:\program files\Creative\Software Update 3\SoftAuto.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedItUpEX]
2009-06-27 23:51 2274816 ----a-w- c:\program files\Speeditup Free\SpeedItUp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2008-01-28 09:43 2097488 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2011-07-28 15:49 336384 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2008-11-17 10:32 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-06-28 19:01 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\System]
2010-03-05 22:17 10752 ----a-w- c:\users\Jirka\Music\lst.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-19 21504]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-28 176128]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 291840]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9f822e2d7812d;Služba Google Update (gupdate1c9f822e2d7812d);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 133104]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-03-31 80896]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-28 8396800]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-28 247296]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 28624]
R3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [2007-04-17 28160]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 133104]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [2007-10-17 51200]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R4 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R4 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R4 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
S0 FTT3;FTT3;c:\windows\system32\DRIVERS\FTT3.sys [2007-08-16 155792]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-06 721904]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 DynCal;Dynamic Calibration Service;c:\windows\system32\drivers\Dyncal.sys [2003-11-14 8192]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-29 19:01]
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 19:01]
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 19:01]
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986875297-340200409-3094631514-1000Core.job
- c:\users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-01 17:37]
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986875297-340200409-3094631514-1000UA.job
- c:\users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-01 17:37]
.
2011-09-14 c:\windows\Tasks\Norton Security Scan for Jirka.job
- c:\progra~1\Norton Security Scan\Engine\3.1.1.6\Nss.exe [2011-05-03 10:23]
.
2011-09-14 c:\windows\Tasks\User_Feed_Synchronization-{1DEDDC81-4969-48BD-8D06-32460024C50B}.job
- c:\windows\system32\msfeedssync.exe [2011-09-12 06:42]
.
2011-09-14 c:\windows\Tasks\User_Feed_Synchronization-{6BB5D357-3322-4BA2-8AA1-3C848DF155E9}.job
- c:\windows\system32\msfeedssync.exe [2011-09-12 06:42]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.mystart.com?pr=photopos2_0
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = <local>
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download ALL with IDA
IE: Download with &Shareaza - c:\program files\Morpheus Music\Plugins\RazaWebHook.dll/3000
IE: Download with IDA
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {320BF8A9-57F9-4061-A13B-35CB56A87C48} - hxxp://www.editionglobalmusic.com/SafePrint.dll
DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} - hxxps://register.creative.com/register/OCXs/CtORWebClientNoMFC.cab
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\hk5h09ep.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-Dream Desktop Agent - c:\program files\Dream Desktop Agent\dreamdesktop.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-ICQ - ~c:\program files\ICQ7.2\ICQ.exe
MSConfigStartUp-Mobile Connectivity Suite - c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
MSConfigStartUp-SearchSettings - c:\program files\Dealio Toolbar\SearchSettings.exe
MSConfigStartUp-Steam - c:\program files\steam\steam.exe
MSConfigStartUp-TkBellExe - c:\program files\K-Lite Codec Pack\Real\Update_OB\realsched.exe
AddRemove-Acoustica Effects Pack - c:\progra~1\ACOUST~2\UNWISE.EXE
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.5\uninstall.exe
AddRemove-RealJukebox 1.0 - c:\program files\K-Lite Codec Pack\Real\Update_OB\r1puninst.exe
AddRemove-RealPlayer 6.0 - c:\program files\K-Lite Codec Pack\Real\Update_OB\r1puninst.exe
AddRemove-µTorrent CZ_is1 - c:\program files\uTorrent\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-14 22:44
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{347BB770-8DC7-00C2-C9B9-FA9092ACBE79}*]
"bbkaeaflmdcpeilbmdkllidbdninkkdnbekp"=hex:61,61,00,00
"abkaeaflmdcpeilbmdpbjmibomgjkkcojp"=hex:61,61,00,00
.
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9CF430E2-34F8-EBDF-9DE9-C104D292152D}*]
"oamhpliepppnakdgdpkockabggkhef"=hex:64,61,6c,64,62,67,68,6b,00,27
"oaafhnckffngppmmhaljlodkloepgd"=hex:6a,61,62,67,6a,6d,6a,6a,69,63,6b,6f,68,69,
6d,6a,6b,61,68,64,00,00
"naggfmpgilhoigkfbapdbhoajece"=hex:69,61,6c,64,64,66,65,65,6e,62,6e,69,62,6b,
65,65,6d,6c,00,00
.
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A59FF146-3702-18FC-8A29-724B50510148}*]
@Allowed: (Read) (RestrictedCode)
"fadhhhnabimd"=hex:66,61,6a,6b,66,68,6c,6f,6d,62,6d,68,00,ff
.
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C2DC7D45-CCC3-779E-EA43-30FD39B236FA}*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:33,04,89,75,e9,1c,d7,f4,0e,1d,68,ba,8a,d8,90,a1,cc,9d,05,7e,aa,87,51,
6e,12,ed,2e,97,0e,db,05,33,ec,48,43,98,2c,1f,17,9a,c0,8a,e0,c5,05,44,b6,e2,\
"??"=hex:1f,02,15,18,10,14,75,7a,a3,6f,64,e7,e8,36,8e,2c
.
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\SecuROM\License information*]
"datasecu"=hex:b0,20,b8,22,ed,1f,45,62,c5,e5,12,e2,72,b5,fd,6a,12,b1,77,87,cf,
5d,9f,72,cb,5a,af,0c,fa,bd,24,22,0e,c0,cd,bb,d4,1b,94,0b,9d,00,28,07,53,27,\
"rkeysecu"=hex:29,3c,3a,8a,f1,2b,e0,89,62,c5,85,79,30,c3,96,6a
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-09-14 22:47:05
ComboFix-quarantined-files.txt 2011-09-14 20:46
ComboFix2.txt 2008-05-23 19:05
.
Před spuštěním: Volných bajtů: 77 967 495 168
Po spuštění: Volných bajtů: 77 629 272 064
.
- - End Of File - - 61428397050D323BF560835774F5E9FF

Re: Crashing computer

Posted: 14 Sep 2011 21:59
by gekom1
It took a long time, but it got there in the end...

Re: Crashing computer

Posted: 14 Sep 2011 22:07
by Rudy
We'll clean up a bit more. Move ComboFix to the desktop. Open Notepad and copy the following into it:
KillAll::

Driver::
Akamai

Firefox::
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\hk5h09ep.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.1&q=

Regnull::
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{347BB770-8DC7-00C2-C9B9-FA9092ACBE79}*]
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9CF430E2-34F8-EBDF-9DE9-C104D292152D}*]
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A59FF146-3702-18FC-8A29-724B50510148}*]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Re: Crashing computer

Posted: 14 Sep 2011 22:34
by gekom1
Done as instructed
---------------------------------------------------

ComboFix 11-09-14.02 - Jirka 14.09.2011 23:14:17.3.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.3325.2118 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jirka\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Akamai
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-14 do 2011-09-14 )))))))))))))))))))))))))))))))
.
.
2011-09-14 21:22 . 2011-09-14 21:22 -------- d-----w- c:\users\Máťa\AppData\Local\temp
2011-09-14 21:22 . 2011-09-14 21:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-14 21:22 . 2011-09-14 21:22 -------- d-----w- c:\users\Blani\AppData\Local\temp
2011-09-14 20:47 . 2011-09-14 21:25 -------- d-----w- c:\users\Jirka\AppData\Local\temp
2011-09-14 17:21 . 2011-09-14 17:21 -------- d-----w- C:\rsit
2011-09-14 15:56 . 2011-09-14 17:11 -------- d-----w- c:\program files\Ultimate Process Manager
2011-09-14 13:43 . 2011-09-14 15:21 -------- d-----w- c:\program files\Red orchestra
2011-09-12 06:40 . 2009-06-03 23:56 675152 ----a-w- c:\windows\system32\gpprefcl.dll
2011-09-12 06:13 . 2011-09-12 06:13 -------- d-----w- c:\users\Blani\AppData\Local\AMD
2011-09-11 06:52 . 2011-09-11 06:52 -------- d-----w- c:\users\Jirka\AppData\Local\AMD
2011-09-11 06:52 . 2011-09-11 06:52 -------- d-----w- c:\programdata\ATI
2011-09-11 06:52 . 2011-09-11 06:52 -------- d-----w- c:\program files\AMD APP
2011-09-11 06:51 . 2011-09-11 06:51 -------- d-----w- c:\programdata\AMD
2011-09-11 06:51 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2011-09-09 11:27 . 2011-09-09 11:27 -------- d-----w- c:\program files\Black_Box
2011-09-09 11:14 . 2011-09-09 11:14 -------- d-----w- c:\program files\Microsoft
2011-09-09 11:14 . 2011-09-09 11:14 -------- d-----w- c:\program files\MSN Toolbar
2011-09-09 11:12 . 2011-09-09 11:15 -------- d-----w- c:\program files\Bing Bar Installer
2011-09-05 13:01 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-09-05 07:57 . 2011-09-05 07:57 -------- d-----w- c:\program files\Windows Portable Devices
2011-09-05 06:57 . 2011-09-13 05:35 -------- d-----w- c:\users\Jirka\AppData\Roaming\Tropico 4
2011-09-05 06:56 . 2011-09-05 06:56 -------- d-----w- c:\users\Jirka\AppData\Roaming\Kalypso Media
2011-09-05 05:21 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-09-05 05:21 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-09-05 05:21 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-09-05 05:21 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-09-05 05:21 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-09-05 05:21 . 2009-09-25 02:07 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-09-05 05:21 . 2009-09-25 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-09-05 05:21 . 2009-09-25 01:33 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-09-05 05:21 . 2009-09-25 01:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-09-05 05:21 . 2009-09-25 01:31 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-09-05 05:19 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-09-05 05:19 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-09-05 05:19 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-04 12:14 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-09-04 12:14 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-09-04 12:14 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-09-04 12:14 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-04 12:11 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-09-04 06:59 . 2011-09-04 06:59 -------- d-----w- c:\windows\system32\ca-ES
2011-09-04 06:59 . 2011-09-04 06:59 -------- d-----w- c:\windows\system32\eu-ES
2011-09-04 06:59 . 2011-09-04 06:59 -------- d-----w- c:\windows\system32\vi-VN
2011-09-04 06:01 . 2011-09-04 06:01 -------- d-----w- c:\windows\system32\EventProviders
2011-08-30 10:01 . 2011-09-14 08:00 -------- d-----w- c:\users\Jirka\AppData\Roaming\My Battle for Middle-earth Files
2011-08-28 08:45 . 2011-08-28 08:45 -------- d-----w- C:\found.000
2011-08-26 18:14 . 2011-08-26 18:14 -------- d-----w- c:\users\Jirka\AppData\Roaming\dvdcss
2011-08-26 05:31 . 2011-09-01 16:09 -------- d-----w- c:\users\Jirka\AppData\Local\dxhr
2011-08-24 09:01 . 2011-08-24 09:01 -------- d-----w- c:\users\Jirka\AppData\Local\28050
2011-08-20 06:43 . 2011-08-22 08:00 -------- d-----w- c:\users\Jirka\AppData\Local\Ubisoft Game Launcher
2011-08-16 13:03 . 2011-08-16 13:03 -------- d-----w- c:\windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-28 22:22 . 2011-07-28 22:22 8396800 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-07-28 21:44 . 2011-07-28 21:44 18388480 ----a-w- c:\windows\system32\atioglxx.dll
2011-07-28 21:40 . 2011-07-28 21:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-28 21:40 . 2011-07-28 21:40 726528 ----a-w- c:\windows\system32\aticfx32.dll
2011-07-28 21:36 . 2011-07-28 21:36 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-28 21:35 . 2011-07-28 21:35 401408 ----a-w- c:\windows\system32\atieclxx.exe
2011-07-28 21:35 . 2011-07-28 21:35 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-07-28 21:34 . 2008-03-29 04:19 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-07-28 21:33 . 2008-03-29 04:18 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-07-28 21:33 . 2011-07-28 21:33 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-07-28 21:33 . 2011-07-28 21:33 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-07-28 21:33 . 2011-07-28 21:33 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-07-28 21:30 . 2011-07-28 21:30 4198912 ----a-w- c:\windows\system32\atidxx32.dll
2011-07-28 21:11 . 2011-07-28 21:11 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-07-28 21:11 . 2011-07-28 21:11 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-07-28 21:11 . 2011-07-28 21:11 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-07-28 21:09 . 2008-03-29 04:05 4256768 ----a-w- c:\windows\system32\atiumdag.dll
2011-07-28 21:07 . 2011-07-28 21:07 8247296 ----a-w- c:\windows\system32\aticaldd.dll
2011-07-28 21:03 . 2011-07-28 21:03 4056064 ----a-w- c:\windows\system32\atiumdva.dll
2011-07-28 21:01 . 2011-07-28 21:01 52736 ----a-w- c:\windows\system32\coinst.dll
2011-07-28 20:54 . 2011-07-28 20:54 266240 ----a-w- c:\windows\system32\atiadlxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-07-28 20:53 . 2011-07-28 20:53 247296 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-07-28 20:53 . 2011-07-28 20:53 31744 ----a-w- c:\windows\system32\atiuxpag.dll
2011-07-28 20:53 . 2011-07-28 20:53 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-07-28 20:52 . 2011-07-28 20:52 37376 ----a-w- c:\windows\system32\atitmpxx.dll
2011-07-28 20:52 . 2011-07-28 20:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2011-07-28 15:49 . 2011-07-28 15:49 53760 ----a-w- c:\windows\system32\OVDecode.dll
2011-07-28 15:48 . 2011-07-28 15:48 43520 ----a-w- c:\windows\system32\OpenCL.dll
2011-07-28 15:48 . 2011-07-28 15:48 13555712 ----a-w- c:\windows\system32\amdocl.dll
2011-07-20 09:05 . 2011-07-20 09:05 6904040 ----a-w- c:\windows\system32\SpoonUninstall.exe
2011-07-06 15:31 . 2011-08-11 06:19 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-09-08 18:05 . 2011-03-24 13:30 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-02-19 1262888]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2009-03-10 2079256]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{657E195F-066D-435C-92DB-7C261E6FE832}]
2011-04-13 12:27 1734656 ----a-w- c:\program files\MusicFrost\Music Frost Toolbar\MFSearch.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{657E195F-066D-435C-92DB-7C261E6FE832}"= "c:\program files\MusicFrost\Music Frost Toolbar\MFSearch.dll" [2011-04-13 1734656]
.
[HKEY_CLASSES_ROOT\clsid\{657e195f-066d-435c-92db-7c261e6fe832}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImpl.1]
[HKEY_CLASSES_ROOT\TypeLib\{B53860A8-B905-4879-876F-EC18E33C623B}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImpl]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-28 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-28 9398888]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"Philips Device Listener"="c:\program files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe" [2010-12-07 380416]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-04-26 593920]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
.
c:\users\Blani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DualCoreCenter.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DualCoreCenter.lnk
backup=c:\windows\pss\DualCoreCenter.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Neuratron AudioScore Input Assistant.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Neuratron AudioScore Input Assistant.lnk
backup=c:\windows\pss\Neuratron AudioScore Input Assistant.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Service Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Service Manager.lnk
backup=c:\windows\pss\Service Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Jirka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk]
path=c:\users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk
backup=c:\windows\pss\GameRanger.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2008-07-22 12:53 77824 ----a-w- c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-12 11:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-11-07 06:23 323392 ----a-w- c:\users\Jirka\Program Files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-07-24 15:02 490952 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet]
2008-08-19 07:47 1795656 ----a-w- c:\program files\FlashGet Network\FlashGet universal\flashget.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2008-10-01 17:37 133104 ----atw- c:\users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-10 19:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-03-30 08:36 267048 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2008-02-29 02:12 76304 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-09 16:53 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
2009-11-20 11:17 106496 ----a-w- c:\program files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
2010-11-06 06:49 2975640 ----a-w- c:\program files\Pando Networks\Media Booster\PMB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC-Checkup]
2007-08-02 00:08 3965440 ----a-w- c:\program files\Speeditup Free\PCCheckUp\PCCheckUp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-03-14 23:50 233472 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-05-13 07:31 413696 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTBatteryMeter]
2003-01-16 10:32 49152 ----a-w- c:\program files\VibrateGameDeviceDriver\rfpicon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-07-28 10:23 9398888 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
2008-08-13 03:49 405504 ----a-w- c:\program files\Creative\Software Update 3\SoftAuto.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedItUpEX]
2009-06-27 23:51 2274816 ----a-w- c:\program files\Speeditup Free\SpeedItUp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2008-01-28 09:43 2097488 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2011-07-28 15:49 336384 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2008-11-17 10:32 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-06-28 19:01 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\System]
2010-03-05 22:17 10752 ----a-w- c:\users\Jirka\Music\lst.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9f822e2d7812d;Služba Google Update (gupdate1c9f822e2d7812d);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 133104]
R3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [2007-04-17 28160]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 133104]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [2007-10-17 51200]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R4 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R4 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R4 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
S0 FTT3;FTT3;c:\windows\system32\DRIVERS\FTT3.sys [2007-08-16 155792]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-06 721904]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-28 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 291840]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-03-31 80896]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-28 8396800]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-28 247296]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 134480]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 28624]
S3 DynCal;Dynamic Calibration Service;c:\windows\system32\drivers\Dyncal.sys [2003-11-14 8192]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-29 19:01]
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 19:01]
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 19:01]
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986875297-340200409-3094631514-1000Core.job
- c:\users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-01 17:37]
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986875297-340200409-3094631514-1000UA.job
- c:\users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-01 17:37]
.
2011-09-14 c:\windows\Tasks\Norton Security Scan for Jirka.job
- c:\progra~1\Norton Security Scan\Engine\3.1.1.6\Nss.exe [2011-05-03 10:23]
.
2011-09-14 c:\windows\Tasks\User_Feed_Synchronization-{1DEDDC81-4969-48BD-8D06-32460024C50B}.job
- c:\windows\system32\msfeedssync.exe [2011-09-12 06:42]
.
2011-09-14 c:\windows\Tasks\User_Feed_Synchronization-{6BB5D357-3322-4BA2-8AA1-3C848DF155E9}.job
- c:\windows\system32\msfeedssync.exe [2011-09-12 06:42]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.mystart.com?pr=photopos2_0
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = <local>
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download ALL with IDA
IE: Download with &Shareaza - c:\program files\Morpheus Music\Plugins\RazaWebHook.dll/3000
IE: Download with IDA
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {320BF8A9-57F9-4061-A13B-35CB56A87C48} - hxxp://www.editionglobalmusic.com/SafePrint.dll
DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} - hxxps://register.creative.com/register/OCXs/CtORWebClientNoMFC.cab
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\hk5h09ep.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-14 23:25
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:33,04,89,75,e9,1c,d7,f4,0e,1d,68,ba,8a,d8,90,a1,cc,9d,05,7e,aa,87,51,
6e,12,ed,2e,97,0e,db,05,33,ec,48,43,98,2c,1f,17,9a,c0,8a,e0,c5,05,44,b6,e2,\
"??"=hex:1f,02,15,18,10,14,75,7a,a3,6f,64,e7,e8,36,8e,2c
.
[HKEY_USERS\S-1-5-21-3986875297-340200409-3094631514-1000\Software\SecuROM\License information*]
"datasecu"=hex:b0,20,b8,22,ed,1f,45,62,c5,e5,12,e2,72,b5,fd,6a,12,b1,77,87,cf,
5d,9f,72,cb,5a,af,0c,fa,bd,24,22,0e,c0,cd,bb,d4,1b,94,0b,9d,00,28,07,53,27,\
"rkeysecu"=hex:29,3c,3a,8a,f1,2b,e0,89,62,c5,85,79,30,c3,96,6a
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG10\avgchsvx.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\AVG\AVG10\avgnsx.exe
c:\program files\Google\Update\1.3.21.69\GoogleCrashHandler.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
c:\progra~1\AVG\AVG10\avgrsx.exe
c:\program files\AVG\AVG10\avgcsrvx.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-09-14 23:32:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-14 21:31
ComboFix2.txt 2011-09-14 20:47
ComboFix3.txt 2008-05-23 19:05
.
Před spuštěním: Volných bajtů: 74 308 976 640
Po spuštění: Volných bajtů: 74 231 496 704
.
- - End Of File - - 190EE0A75A4FC78A50BB994A7E9CC3E9

Re: Crashing computer

Posted: 15 Sep 2011 06:47
by gekom1
Please check the log after the ComboFix deletions...

Re: Crashing computer

Posted: 15 Sep 2011 16:39
by Rudy
Deleted, the log now looks clean. You can also (if you don't use them) uninstall via Add/Remove Programs everything that contains the word Toolbar or Bar. These are toolbars that almost nobody uses and that needlessly slow down the system. Has anything changed?

Re: Crashing computer

Posted: 15 Sep 2011 18:40
by gekom1
Thanks a lot for the help :) No sudden system crashes reported since yesterday...

Re: Crashing computer

Posted: 15 Sep 2011 19:08
by Rudy
You're welcome! :)