PC virus removal, computer speed-up, and remote help through the neslape.cz service

prevention :p

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

prevention :p

#1 Post by Parkoslav1992 »

  • Logfile of random's system information tool 1.09 (written by random/random)
    Run by Jarda at 2011-10-29 14:08:50
    Microsoft Windows 7 Ultimate
    System drive C: has 9 GB (18%) free of 50 GB
    Total RAM: 2814 MB (53% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 14:14:09, on 29.10.2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Real\RealPlayer\Update\realsched.exe
    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Windows\update.tray-8-0\svchost.exe
    C:\Program Files\AIMP2\AIMP2.exe
    C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe
    C:\Program Files\Synaptics\Scrybe\scrybe.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\rundll32.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\Downloads\RSIT.exe
    C:\Program Files\trend micro\Jarda.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-8-0\svchost.exe
    O4 - HKCU\..\Run: [AIMP2] C:\Program Files\AIMP2\AIMP2.exe
    O4 - HKCU\..\Run: [BackgroundSwitcher] "C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe"
    O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    O4 - HKUS\S-1-5-21-1231980872-3630433492-3231682891-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-1231980872-3630433492-3231682891-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O4 - Global Startup: Scrybe.lnk = ?
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
    O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
    O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\QIP Infium\infium.exe (HKCU)
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: http://software.kuaiche.com
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - (no file)
    O23 - Service: AMD FusionUtility Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe
    O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\AMD\Reservation Manager\AMD Reservation Manager.exe
    O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\sched.exe (file missing)
    O23 - Service: Avira Realtime Protection (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (file missing)
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\system32\lkcitdl.exe
    O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\Windows\system32\lkads.exe
    O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\Windows\system32\lktsrv.exe
    O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
    O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\Windows\system32\nisvcloc.exe
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Aktualizátor aplikace Scrybe (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
    O23 - Service: wxpdrivers - Cronosoft - C:\Windows\update.1\svchost.exe

    --
    End of file - 10053 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default

    prefs.js - "browser.startup.homepage" - "http://ahoolly.com"
    prefs.js - "extensions.enabledItems" - "{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"

    "{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
    "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    "{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
    "bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\


    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
    "Description"=Adobe® Flash® Player 10.1 Plugin
    "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
    "Description"=DivX Plus Web Player
    "Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
    "Description"=DivX VOD Helper Plug-in
    "Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
    "Description"=Oracle® Next Generation Java™ Plug-In
    "Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
    "Description"=
    "Path"=C:\Windows\system32\Wat\npWatWeb.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
    "Description"=Office Authorization plug-in for NPAPI browsers
    "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
    "Description"=Office Live Update v1.5
    "Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
    "Description"=Microsoft SharePoint Plug-in for Firefox
    "Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
    "Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
    "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
    "Description"=RealJukebox Netscape Plugin
    "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
    "Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
    "Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
    "Description"=RealPlayer(tm) HTML5VideoShim Plug-In
    "Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
    "Description"=12.0.1.669
    "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
    "Description"=
    "Path"=

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
    "Description"=Google Update
    "Path"=C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.17]
    "Description"=Veetle Broadcaster Plugin
    "Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
    "Description"=Handles PDFs in-place in Firefox
    "Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

    C:\Program Files\Mozilla Firefox\extensions\
    {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    {972ce4c6-7e08-4474-a285-3208198ce6fd}
    {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
    {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

    C:\Program Files\Mozilla Firefox\components\
    browser.xpt
    browserdirprovider.dll
    brwsrcmp.dll
    components.list
    compreg.dat
    FeedConverter.js
    FeedProcessor.js
    FeedWriter.js
    FlashGet3.xpi
    fuelApplication.js
    GPSDGeolocationProvider.js
    jsconsole-clhandler.js
    NetworkGeolocationProvider.js
    nppl3260.xpt
    nsAddonRepository.js
    nsBadCertHandler.js
    nsBlocklistService.js
    nsBrowserContentHandler.js
    nsBrowserGlue.js
    nsContentDispatchChooser.js
    nsContentPrefService.js
    nsDefaultCLH.js
    nsDownloadManagerUI.js
    nsExtensionManager.js
    nsFormAutoComplete.js
    nsHandlerService.js
    nsHelperAppDlg.js
    nsjsrealplayerplugin.xpt
    nsLivemarkService.js
    nsLoginInfo.js
    nsLoginManager.js
    nsLoginManagerPrompter.js
    nsMicrosummaryService.js
    nsPlacesAutoComplete.js
    nsPlacesDBFlush.js
    nsPlacesTransactionsService.js
    nsPrivateBrowsingService.js
    nsProxyAutoConfig.js
    nsSafebrowsingApplication.js
    nsSearchService.js
    nsSearchSuggestions.js
    nsSessionStartup.js
    nsSessionStore.js
    nsSetDefaultBrowser.js
    nsSidebar.js
    nsTaggingService.js
    nsTryToClose.js
    nsUpdateService.js
    nsUpdateServiceStub.js
    nsUpdateTimerManager.js
    nsUrlClassifierLib.js
    nsUrlClassifierListManager.js
    nsURLFormatter.js
    nsWebHandlerApp.js
    pluginGlue.js
    storage-Legacy.js
    storage-mozStorage.js
    txEXSLTRegExFunctions.js
    WebContentConverter.js
    xpti.dat

    C:\Program Files\Mozilla Firefox\plugins\
    npdeployJava1.dll
    npnul32.dll
    NPOFF12.DLL
    nppdf32.dll
    nppl3260.dll
    nprjplug.dll
    nprpjplug.dll

    C:\Program Files\Mozilla Firefox\searchplugins\
    crawlersrch.xml
    fcmdSrch.xml
    google.xml
    jyxo-cz.xml
    mall-cz.xml
    seznam-cz.xml
    slunecnice-cz.xml
    wikipedia-cz.xml

    C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default\extensions\
    ffxtlbr@Facemoods.com
    {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    {6236BA26-C117-4007-928C-DE0716C7FA80}
    {6236BA26-C117-4007-928C-DE0716C7FA96}
    {6236BA26-C117-4007-928C-DE0716C7FA99}
    {63414328-3ab4-2c84-6c41-5a473c4b2ff7}
    {872b5b88-9db5-4310-bdd0-ac189557e5f5}
    {ACAA314B-EEBA-48e4-AD47-84E31C44796C}

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-06 414416]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
    DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
    "TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-10-06 273528]
    "NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-08 37296]
    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
    "TaskTray"= []
    "DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
    "wxpdrv"=C:\Windows\services32.exe [2011-10-28 1198080]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min []
    "tray_ico"= []
    "tray_ico0"=C:\Windows\update.tray-8-0\svchost.exe [2011-10-28 1198080]
    "tray_ico1"= []
    "tray_ico2"= []
    "tray_ico3"= []
    "tray_ico4"= []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "AIMP2"=C:\Program Files\AIMP2\AIMP2.exe [2010-08-07 1262592]
    "BackgroundSwitcher"=C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe [2010-11-10 119104]
    "Facebook Update"=C:\Users\Jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 137536]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Scrybe.lnk - C:\Windows\Installer\{5772FC28-D1DD-4D9D-8D7F-97C542162A41}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-06-11 203776]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2009-07-14 105984]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81}

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=0
    "ConsentPromptBehaviorUser"=0
    "EnableLUA"=0
    "EnableSecureUIAPaths"=0
    "EnableUIADesktopToggle"=0
    "PromptOnSecureDesktop"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Users\Jarda\Desktop\Flash-Player.exe"="C:\Users\Jarda\Desktop\Flash-Player.exe:*:Enabled:C:\Users\Jarda\Desktop\Flash-Player.exe"
    "C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
    "C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:"
    "C:\Windows\services32.exe"="C:\Windows\services32.exe:*:Enabled:C:\Windows\services32.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "vidc.mrle"=msrle32.dll
    "vidc.msvc"=msvidc32.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.msadpcm"=msadp32.acm
    "midimapper"=midimap.dll
    "wavemapper"=msacm32.drv
    "VIDC.UYVY"=msyuv.dll
    "VIDC.YUY2"=msyuv.dll
    "VIDC.YVYU"=msyuv.dll
    "VIDC.IYUV"=iyuv_32.dll
    "vidc.i420"=iyuv_32.dll
    "VIDC.YVU9"=tsbyuv.dll
    "msacm.l3acm"=C:\Windows\System32\l3codeca.acm
    "vidc.cvid"=iccvid.dll
    "MSVideo8"=VfWWDM32.dll
    "wave1"=wdmaud.drv
    "midi1"=wdmaud.drv
    "mixer1"=wdmaud.drv
    "aux"=wdmaud.drv
    "VIDC.WMV3"=wmv9vcm.dll
    "vidc.mjpg"=pvmjpg30.dll
    "vidc.ffds"=ff_vfw.dll
    "vidc.DIVX"=DivX.dll
    "vidc.yv12"=DivX.dll
    "wave"=wdmaud.drv
    "midi"=wdmaud.drv
    "mixer"=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    ======List of files/folders created in the last 1 month======

    2011-10-29 14:05:59 ----D---- C:\Windows\av_ico
    2011-10-29 14:03:57 ----HD---- C:\Windows\update.1
    2011-10-29 14:03:54 ----HD---- C:\Windows\update.tray-8-0-lnk
    2011-10-29 14:03:54 ----HD---- C:\Windows\update.tray-8-0
    2011-10-29 13:48:15 ----A---- C:\Windows\winlog-ids.txt
    2011-10-29 13:48:15 ----A---- C:\Windows\winlog-dirs.txt
    2011-10-29 13:42:31 ----D---- C:\$RECYCLE.BIN
    2011-10-29 13:39:08 ----D---- C:\Windows\temp
    2011-10-29 13:19:35 ----DC---- C:\Users\Jarda\AppData\Roaming\Avira
    2011-10-29 13:18:24 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
    2011-10-29 13:18:22 ----A---- C:\Windows\system32\drivers\avkmgr.sys
    2011-10-29 13:18:22 ----A---- C:\Windows\system32\drivers\avipbb.sys
    2011-10-29 13:18:22 ----A---- C:\Windows\system32\drivers\avgntflt.sys
    2011-10-29 13:17:09 ----A---- C:\Windows\zip.exe
    2011-10-29 13:17:09 ----A---- C:\Windows\SWREG.exe
    2011-10-29 13:17:09 ----A---- C:\Windows\sed.exe
    2011-10-29 13:17:09 ----A---- C:\Windows\PEV.exe
    2011-10-29 13:17:09 ----A---- C:\Windows\NIRCMD.exe
    2011-10-29 13:17:09 ----A---- C:\Windows\MBR.exe
    2011-10-29 13:17:09 ----A---- C:\Windows\grep.exe
    2011-10-29 13:17:08 ----A---- C:\Windows\SWSC.exe
    2011-10-29 13:16:56 ----D---- C:\Windows\ERDNT
    2011-10-29 13:16:54 ----D---- C:\ComboFix
    2011-10-29 13:15:52 ----AD---- C:\Qoobox
    2011-10-29 09:15:25 ----D---- C:\Windows\ufa
    2011-10-29 09:09:05 ----A---- C:\Windows\btc_client_iplist.txt
    2011-10-28 09:28:40 ----DC---- C:\Program Files\DiskCheckerXP
    2011-10-28 08:16:59 ----A---- C:\Windows\unrar.exe
    2011-10-28 08:16:24 ----A---- C:\Windows\iecheck_iplist.txt
    2011-10-28 08:15:21 ----A---- C:\Windows\iplist.txt
    2011-10-28 08:14:42 ----A---- C:\Windows\front_ip_list.txt
    2011-10-28 08:14:31 ----A---- C:\Windows\services32.exe
    2011-10-25 16:27:18 ----DC---- C:\Program Files\Common Files\PCSuite
    2011-10-25 16:01:08 ----A---- C:\Windows\system32\nvhdap32.dll
    2011-10-25 16:01:08 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
    2011-10-25 16:01:07 ----A---- C:\Windows\system32\nvhdagenco3220102.dll
    2011-10-25 16:01:07 ----A---- C:\Windows\system32\nvapo32v.dll
    2011-10-25 16:00:52 ----A---- C:\Windows\system32\OpenCL.dll
    2011-10-25 16:00:51 ----A---- C:\Windows\system32\nvoglv32.dll
    2011-10-25 16:00:51 ----A---- C:\Windows\system32\nvcuvid.dll
    2011-10-25 16:00:51 ----A---- C:\Windows\system32\nvcuvenc.dll
    2011-10-25 16:00:51 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
    2011-10-25 16:00:50 ----A---- C:\Windows\system32\nvcuda.dll
    2011-10-25 16:00:50 ----A---- C:\Windows\system32\nvcompiler.dll
    2011-10-25 15:50:05 ----D---- C:\NVIDIA
    2011-10-25 11:14:52 ----DC---- C:\Program Files\Music NFO Builder
    2011-10-19 15:28:34 ----DC---- C:\Users\Jarda\AppData\Roaming\NVIDIA
    2011-10-16 19:48:12 ----DC---- C:\Program Files\Common Files\PX Storage Engine
    2011-10-16 19:38:33 ----D---- C:\ProgramData\DivX
    2011-10-14 21:52:40 ----D---- C:\Windows\system32\SPReview
    2011-10-14 10:25:57 ----D---- C:\Windows\system32\sda
    2011-10-14 10:22:13 ----A---- C:\Windows\system32\RtsUStoricon.dll
    2011-10-14 10:22:13 ----A---- C:\Windows\system32\drivers\RtsUStor.sys
    2011-10-14 10:22:12 ----DC---- C:\Program Files\Realtek
    2011-10-14 10:22:12 ----A---- C:\Windows\system32\RtsUStor.dll
    2011-10-14 09:34:10 ----DC---- C:\Program Files\Driver-Soft
    2011-10-13 15:10:46 ----DC---- C:\Users\Jarda\AppData\Roaming\johnsadventures.com
    2011-10-13 15:10:20 ----DC---- C:\Program Files\johnsadventures.com
    2011-10-13 11:16:25 ----DC---- C:\Program Files\changeit
    2011-10-12 16:58:07 ----A---- C:\Windows\system32\mshtmled.dll
    2011-10-12 16:58:06 ----A---- C:\Windows\system32\iertutil.dll
    2011-10-12 16:58:05 ----A---- C:\Windows\system32\jscript.dll
    2011-10-12 16:58:05 ----A---- C:\Windows\system32\ieui.dll
    2011-10-12 16:58:04 ----A---- C:\Windows\system32\jsproxy.dll
    2011-10-12 16:58:04 ----A---- C:\Windows\system32\jscript9.dll
    2011-10-12 16:58:03 ----A---- C:\Windows\system32\wininet.dll
    2011-10-12 16:58:02 ----A---- C:\Windows\system32\urlmon.dll
    2011-10-12 16:58:02 ----A---- C:\Windows\system32\url.dll
    2011-10-12 16:58:01 ----A---- C:\Windows\system32\ieframe.dll
    2011-10-12 16:57:58 ----A---- C:\Windows\system32\mshtml.dll
    2011-10-12 15:58:28 ----A---- C:\Windows\system32\oleaut32.dll
    2011-10-12 15:58:28 ----A---- C:\Windows\system32\oleacc.dll
    2011-10-12 15:58:26 ----A---- C:\Windows\system32\psisdecd.dll
    2011-10-12 15:58:23 ----A---- C:\Windows\system32\win32k.sys
    2011-10-12 15:56:59 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2011-10-12 15:56:58 ----A---- C:\Windows\system32\ntoskrnl.exe
    2011-10-12 15:55:25 ----A---- C:\Windows\system32\kernel32.dll
    2011-10-12 15:55:25 ----A---- C:\Windows\system32\conhost.exe
    2011-10-12 15:55:24 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2011-10-12 15:55:24 ----A---- C:\Windows\system32\winsrv.dll
    2011-10-12 15:55:24 ----A---- C:\Windows\system32\KernelBase.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2011-10-12 15:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2011-10-12 15:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2011-10-12 15:55:20 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
    2011-10-12 15:54:52 ----A---- C:\Windows\system32\drivers\tcpip.sys
    2011-10-12 15:54:42 ----A---- C:\Windows\system32\tzres.dll
    2011-10-12 15:54:33 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
    2011-10-12 15:54:33 ----A---- C:\Windows\system32\drivers\bthport.sys
    2011-10-12 15:48:17 ----A---- C:\Windows\system32\odbcjt32.dll
    2011-10-12 15:48:17 ----A---- C:\Windows\system32\odbccu32.dll
    2011-10-12 15:48:17 ----A---- C:\Windows\system32\odbccr32.dll
    2011-10-12 15:48:16 ----A---- C:\Windows\system32\odbctrac.dll
    2011-10-12 15:48:16 ----A---- C:\Windows\system32\odbccp32.dll
    2011-10-10 19:32:58 ----D---- C:\ProgramData\GroupPolicy
    2011-10-10 18:53:37 ----DC---- C:\Program Files\Yamicsoft
    2011-10-10 17:39:12 ----DC---- C:\Program Files\PC Connectivity Solution
    2011-10-06 21:35:42 ----DC---- C:\Program Files\Common Files\xing shared
    2011-10-06 21:35:24 ----A---- C:\Windows\system32\rmoc3260.dll
    2011-10-06 21:35:12 ----A---- C:\Windows\system32\pndx5032.dll
    2011-10-06 21:35:12 ----A---- C:\Windows\system32\pndx5016.dll
    2011-10-06 21:34:55 ----DC---- C:\Program Files\Real
    2011-10-06 21:34:54 ----D---- C:\ProgramData\Real
    2011-10-06 21:34:53 ----DC---- C:\Users\Jarda\AppData\Roaming\Real
    2011-10-06 13:38:16 ----A---- C:\Windows\system32\drivers\amdiox86.sys
    2011-10-06 13:38:03 ----DC---- C:\Program Files\AMD
    2011-10-06 13:38:02 ----D---- C:\ProgramData\AMD
    2011-10-06 13:21:48 ----D---- C:\SwSetup
    2011-10-06 10:37:08 ----DC---- C:\Users\Jarda\AppData\Roaming\VS Revo Group
    2011-10-05 16:35:10 ----DC---- C:\Users\Jarda\AppData\Roaming\Synaptics
    2011-10-05 16:28:04 ----D---- C:\ProgramData\Synaptics
    2011-10-05 16:20:43 ----A---- C:\Windows\system32\SynTPCo6.dll
    2011-10-05 15:54:54 ----A---- C:\Windows\system32\easyupdatusapiu.dll
    2011-10-05 15:54:34 ----D---- C:\ProgramData\NVIDIA Corporation
    2011-10-05 15:53:25 ----A---- C:\Windows\system32\nvhdagenco322040.dll
    2011-10-05 15:53:15 ----A---- C:\Windows\system32\nvgenco32.dll
    2011-10-05 15:53:15 ----A---- C:\Windows\system32\nvdispco32.dll
    2011-10-04 15:30:41 ----DC---- C:\Program Files\The KMPlayer
    2011-10-04 11:27:29 ----DC---- C:\Users\Jarda\AppData\Roaming\AIMP

    ======List of files/folders modified in the last 1 month======

    2011-10-29 14:13:15 ----DC---- C:\Users\Jarda\AppData\Roaming\uTorrent
    2011-10-29 14:08:51 ----DC---- C:\Program Files\trend micro
    2011-10-29 14:06:00 ----D---- C:\Windows\system32\config
    2011-10-29 14:05:59 ----D---- C:\Windows
    2011-10-29 14:03:57 ----RDC---- C:\Program Files
    2011-10-29 14:03:57 ----D---- C:\ProgramData
    2011-10-29 13:49:10 ----D---- C:\Windows\SoftwareDistribution
    2011-10-29 13:42:49 ----A---- C:\Windows\system.ini
    2011-10-29 13:30:58 ----D---- C:\Windows\system32\drivers
    2011-10-29 13:30:58 ----D---- C:\Windows\System32
    2011-10-29 13:30:58 ----D---- C:\Windows\AppPatch
    2011-10-29 13:30:55 ----DC---- C:\Program Files\Common Files
    2011-10-29 13:25:09 ----SHD---- C:\System Volume Information
    2011-10-29 13:18:59 ----D---- C:\Windows\system32\catroot
    2011-10-29 13:03:58 ----SD---- C:\ProgramData\Microsoft
    2011-10-29 12:58:45 ----D---- C:\Windows\system32\Tasks
    2011-10-29 11:42:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2011-10-29 11:42:07 ----D---- C:\Windows\inf
    2011-10-29 10:47:15 ----D---- C:\Windows\Downloaded Program Files
    2011-10-29 10:09:12 ----DC---- C:\Program Files\Opera
    2011-10-28 08:16:17 ----D---- C:\Windows\system32\drivers\etc
    2011-10-27 21:25:11 ----DC---- C:\Users\Jarda\AppData\Roaming\esmska
    2011-10-25 17:58:54 ----D---- C:\Windows\tracing
    2011-10-25 16:34:59 ----DC---- C:\Users\Jarda\AppData\Roaming\PC Suite
    2011-10-25 16:29:09 ----D---- C:\Windows\system32\DriverStore
    2011-10-25 16:29:06 ----SHD---- C:\Windows\Installer
    2011-10-25 16:29:04 ----D---- C:\Config.Msi
    2011-10-25 16:27:17 ----DC---- C:\Program Files\Nokia
    2011-10-25 16:27:17 ----DC---- C:\Program Files\Common Files\Nokia
    2011-10-25 16:22:02 ----D---- C:\ProgramData\Installations
    2011-10-25 16:06:46 ----D---- C:\ProgramData\NVIDIA
    2011-10-25 16:03:54 ----D---- C:\Windows\system32\catroot2
    2011-10-25 11:28:02 ----DC---- C:\Program Files\uTorrent
    2011-10-25 10:26:32 ----DC---- C:\Users\Jarda\AppData\Roaming\Skype
    2011-10-24 15:32:00 ----D---- C:\Windows\Prefetch
    2011-10-19 22:25:22 ----DC---- C:\Users\Jarda\AppData\Roaming\DivX
    2011-10-19 15:27:30 ----D---- C:\Windows\Tasks
    2011-10-18 09:58:07 ----DC---- C:\Program Files\Application Updater
    2011-10-18 09:47:43 ----DC---- C:\Program Files\ESET
    2011-10-16 19:52:24 ----DC---- C:\Program Files\DivX
    2011-10-16 19:52:22 ----DC---- C:\Program Files\Common Files\DivX Shared
    2011-10-15 10:53:00 ----A---- C:\Windows\system32\nvwgf2um.dll
    2011-10-15 10:53:00 ----A---- C:\Windows\system32\nvvsvc.exe
    2011-10-15 10:53:00 ----A---- C:\Windows\system32\nvsvcr.dll
    2011-10-15 10:53:00 ----A---- C:\Windows\system32\nvsvc.dll
    2011-10-15 10:53:00 ----A---- C:\Windows\system32\nvshext.dll
    2011-10-15 10:53:00 ----A---- C:\Windows\system32\nvmctray.dll
    2011-10-15 10:53:00 ----A---- C:\Windows\system32\nvhotkey.dll
    2011-10-15 10:53:00 ----A---- C:\Windows\system32\nvd3dum.dll
    2011-10-15 10:53:00 ----A---- C:\Windows\system32\nvcpl.dll
    2011-10-15 10:53:00 ----A---- C:\Windows\system32\nvapi.dll
    2011-10-14 11:47:01 ----D---- C:\ProgramData\Microsoft Help
    2011-10-14 10:24:57 ----HDC---- C:\Program Files\InstallShield Installation Information
    2011-10-13 10:23:12 ----D---- C:\Windows\winsxs
    2011-10-12 21:28:29 ----D---- C:\ProgramData\Pinnacle
    2011-10-12 20:16:46 ----D---- C:\Windows\Microsoft.NET
    2011-10-12 20:16:40 ----RSD---- C:\Windows\assembly
    2011-10-12 18:16:50 ----D---- C:\Windows\debug
    2011-10-12 17:19:58 ----D---- C:\Windows\ehome
    2011-10-12 17:19:57 ----DC---- C:\Program Files\Internet Explorer
    2011-10-12 17:19:57 ----D---- C:\Windows\system32\migration
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\zh-TW
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\zh-CN
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\uk-UA
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\th-TH
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\sv-SE
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\sr-Latn-CS
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\sl-SI
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\sk-SK
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\ru-RU
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\ro-RO
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\pt-BR
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\pl-PL
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\nl-NL
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\nb-NO
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\ko-KR
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\it-IT
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\hr-HR
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\he-IL
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\fr-FR
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\fi-FI
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\et-EE
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\es-ES
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\en-US
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\de-DE
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\da-DK
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\cs-CZ
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\bg-BG
    2011-10-12 17:19:55 ----D---- C:\Windows\system32\ar-SA
    2011-10-11 22:29:24 ----D---- C:\Windows\system32\wbem
    2011-10-11 22:27:28 ----D---- C:\Windows\system32\wfp
    2011-10-11 22:25:49 ----DC---- C:\Users\Jarda\AppData\Roaming\GHISLER
    2011-10-11 22:25:49 ----DC---- C:\Program Files\TVAnts
    2011-10-11 22:25:44 ----DC---- C:\Program Files\Esmska
    2011-10-11 22:25:44 ----DC---- C:\Program Files\AutoPowerOn
    2011-10-11 22:25:44 ----D---- C:\5130079e151d0ddc3fd6
    2011-10-11 22:25:34 ----D---- C:\Windows\system32\CodeIntegrity
    2011-10-11 22:25:33 ----D---- C:\Windows\servicing
    2011-10-11 22:25:12 ----DC---- C:\Program Files\RealVNC
    2011-10-11 22:25:03 ----DC---- C:\Program Files\PowerISO
    2011-10-11 22:25:03 ----DC---- C:\Program Files\Pinnacle
    2011-10-11 22:25:02 ----DC---- C:\Program Files\MadZ Clone DVD Pro
    2011-10-11 22:25:02 ----DC---- C:\Program Files\LG Electronics
    2011-10-11 22:14:30 ----DC---- C:\Program Files\Microsoft Visual Studio 8
    2011-10-11 22:13:46 ----DC---- C:\Program Files\DVD Maker
    2011-10-11 22:13:45 ----DC---- C:\Program Files\Common Files\microsoft shared
    2011-10-10 17:39:20 ----DC---- C:\Windows\system32\DRVSTORE
    2011-10-09 21:49:47 ----DC---- C:\Users\Jarda\AppData\Roaming\vlc
    2011-10-06 21:35:09 ----A---- C:\Windows\system32\pncrt.dll
    2011-10-05 16:28:04 ----DC---- C:\Program Files\Synaptics
    2011-10-05 15:56:15 ----DC---- C:\Program Files\NVIDIA Corporation
    2011-10-05 15:55:53 ----DC---- C:\Program Files\Common Files\Wise Installation Wizard
    2011-10-05 15:55:18 ----RDC---- C:\Users
    2011-10-05 10:09:48 ----A---- C:\Windows\system32\MRT.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
    R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-05 691696]
    R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-10-11 134344]
    R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
    R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
    R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-11-09 59388]
    R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-10-11 74640]
    R2 cvintdrv;cvintdrv; C:\Windows\system32\drivers\cvintdrv.sys [2007-02-21 4096]
    R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
    R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
    R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-17 12672]
    R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\Windows\nvflash.sys [2009-01-07 36896]
    R2 PStrip;PStrip; C:\Windows\system32\drivers\pstrip.sys [2007-07-15 27992]
    R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-09 1096704]
    R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-06-14 475648]
    R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
    R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-07-08 139880]
    R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
    R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-10-29 197224]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
    S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
    S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
    S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
    S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
    S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
    S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
    S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
    S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys []
    S3 AR5211;Atheros Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\ar5211.sys [2006-06-13 507424]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
    S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
    S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
    S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
    S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
    S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
    S3 catchme;catchme; \??\C:\Users\Jarda\AppData\Local\Temp\catchme.sys []
    S3 CFcatchme;CFcatchme; \??\C:\Users\Jarda\AppData\Local\Temp\CFcatchme.sys []
    S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
    S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
    S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-03-06 25280]
    S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-02-12 980992]
    S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-02-12 207360]
    S3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
    S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-01-07 38224]
    S3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr73.sys [2009-07-14 545792]
    S3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\Windows\system32\drivers\nhcDriver.sys [2010-02-28 22528]
    S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
    S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
    S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 34064]
    S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
    S3 NVR0Dev;NVR0Dev; \??\C:\Windows\nvoclock.sys [2008-10-24 36640]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-03-13 47360]
    S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
    S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
    S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
    S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
    S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
    S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
    S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
    S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
    S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
    S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
    S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
    S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
    S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
    S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
    S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
    S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
    S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
    S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
    S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-02-12 661504]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AMD FusionUtility Service;AMD FusionUtility Service; C:\Program Files\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe [2010-04-14 275832]
    R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\AMD\Reservation Manager\AMD Reservation Manager.exe [2010-04-14 140160]
    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-07-23 387616]
    R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 LkCitadelServer;Lookout Citadel Server; C:\Windows\system32\lkcitdl.exe [2007-01-22 695136]
    R2 lkClassAds;National Instruments PSP Server Locator; C:\Windows\system32\lkads.exe [2007-02-14 56096]
    R2 lkTimeSync;National Instruments Time Synchronization; C:\Windows\system32\lktsrv.exe [2007-02-14 64288]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2007-02-14 207648]
    R2 niSvcLoc;NI Service Locator; C:\Windows\system32\nisvcloc.exe [2007-02-21 56096]
    R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-07-23 178720]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1136448]
    R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 ScrybeUpdater;Aktualizátor aplikace Scrybe; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2010-12-07 1294848]
    R2 UpdateCenterService;Update Center Service; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2009-01-07 121376]
    S2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe []
    S2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe []
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
    S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
    S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
    S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1343400]
    S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]

    -----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: prevention :p

#2 Post by vyosek »

Hello, and I wish you a pleasant early evening :)

:arrow: Do you know how to handle ComboFix, i.e. run it, decipher the log and write a cleanup script? This utility is meant for advisors - see below

:arrow: The dangers of CF
  • It is intended primarily for advisors - by using it on your own initiative you lose your entitlement to support
  • It erases traces of malware, so nothing is visible in the RSIT log
  • Its log has to be analysed further, because it cannot delete everything - which you will hardly manage unless you are trained for it
  • CF can have a bug = it takes your system down; if you do not know where it stores what and how to restore it, your system is wrecked and a reinstall awaits you
  • Unfortunately, CF also does not yet check some important libraries (e.g. hal.dll) - some types of malware (e.g. angela) delete those, for instance - it deletes your hal.dll after a restart = your system will not boot and you are at the point one line above = reinstall
:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you use Win Vista or W7, right-click RogueKiller and choose Run As Administrator or Spustit jako správce
  • Choose option 2 and confirm with Enter
  • The utility will do its work and produce a log - paste it here
  • Now once more, but choose option 3 and then also 4 - paste the logs again
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun: take a whip and a stick to him, that is not a man, that is an ox."
Member [image] since 1 February 2011.

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

Re: prevention :p

#3 Post by Parkoslav1992 »

RogueKiller V6.1.5 [10/29/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User: Jarda [Admin rights]
Mode: Remove -- Date : 10/29/2011 17:28:07

Bad processes: 1
[SERVICE] wxpdrivers -- C:\Windows\update.1\svchost.exe srv -> STOPPED

Registry Entries: 15
[SUSP PATH] HKCU\[...]\Run : Facebook Update ("C:\Users\Jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver) -> DELETED
[SUSP PATH] HKLM\[...]\Run : wxpdrv (C:\Windows\services32.exe) -> DELETED
[HJ NAME] HKLM\[...]\Run : tray_ico0 (C:\Windows\update.tray-8-0\svchost.exe) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (C:\Windows\update.1\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (C:\Windows\update.1\svchost.exe srv) -> DELETED
[SUSP PATH] FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job : C:\Users\Jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe -> DELETED
[SUSP PATH] FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job : C:\Users\Jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED ()
[HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> REPLACED ()
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED ()
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> REPLACED ()
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED ()
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED ()

Particular Files / Folders:

Driver: [LOADED]

HOSTS File:
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
[...]


Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt




RogueKiller V6.1.5 [10/29/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User: Jarda [Admin rights]
Mode: Remove -- Date : 10/29/2011 17:28:18

Bad processes: 0

Registry Entries: 0

Particular Files / Folders:

Driver: [LOADED]

HOSTS File:
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
[...]


Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt



RogueKiller V6.1.5 [10/29/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User: Jarda [Admin rights]
Mode: ProxyFix -- Date : 10/29/2011 17:28:26

Bad processes: 0

Driver: [LOADED]

Registry Entries: 0

Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: prevention :p

#4 Post by vyosek »

vyosek wrote: :arrow: Do you know how to handle ComboFix, i.e. run it, decipher the log and write a cleanup script?

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

Re: prevention :p

#5 Post by Parkoslav1992 »

vyosek wrote:
vyosek wrote: :arrow: Do you know how to handle ComboFix, i.e. run it, decipher the log and write a cleanup script?


noooo... an acquaintance recommended it to me, he says he uses it once in a while.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: prevention :p

#6 Post by vyosek »

Parkoslav1992 wrote:
vyosek wrote:
vyosek wrote: :arrow: Do you know how to handle ComboFix, i.e. run it, decipher the log and write a cleanup script?


noooo... an acquaintance recommended it to me, he says he uses it once in a while.
Then thank your acquaintance when, once in a while, you have to reinstall Windows, because CF occasionally has a bug and wrecks the PC, and if you do not know how to work with it, you reinstall

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE WRECKED
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Správce\Administrator account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator or Spustit jako správce
  • Immediately after start-up a page with the licence agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click into the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and a possible restart, CF displays the log, or you can find it here C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

Re: prevention :p

#7 Post by Parkoslav1992 »

ComboFix 11-10-29.03 - Jarda 29.10.2011 18:00:41.4.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2814.1516 [GMT 2:00]
Spuštěný z: c:\users\Jarda\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\update.1
c:\windows\update.1\svchost.exe
.
---- Předchozí spuštění -------
.
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\BFIPatcher.pyc
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\BFIPatcher.pyc
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\sysdriver32_.exe
c:\windows\update.1\svchost.exe
D:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_srvbtcclient
-------\Service_srviecheck
-------\Service_srvsysdriver32
-------\Service_wxpdrivers
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-29 )))))))))))))))))))))))))))))))
.
.
2011-10-29 16:14 . 2011-10-29 16:14 -------- dc----w- c:\users\Jarda\AppData\Local\temp
2011-10-29 16:14 . 2011-10-29 16:14 -------- dc----w- c:\users\Guest\AppData\Local\temp
2011-10-29 16:14 . 2011-10-29 16:14 -------- dc----w- c:\users\Default\AppData\Local\temp
2011-10-29 16:14 . 2011-10-29 16:14 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-10-29 15:53 . 2011-10-29 15:54 -------- dc----w- c:\users\Jarda\AppData\Local\Seznam.cz
2011-10-29 14:05 . 1999-12-17 06:13 86016 ----a-w- c:\windows\unvise32.exe
2011-10-29 13:54 . 2011-10-29 13:59 -------- dc----w- c:\program files\Progress Studio
2011-10-29 13:13 . 2011-10-29 13:13 -------- dc----w- c:\program files\Peter
2011-10-29 12:05 . 2011-10-29 12:05 -------- d-----w- c:\windows\av_ico
2011-10-29 12:03 . 2011-10-29 12:03 -------- d--h--w- c:\windows\update.tray-8-0
2011-10-29 12:03 . 2011-10-29 12:03 -------- d--h--w- c:\windows\update.tray-8-0-lnk
2011-10-29 11:19 . 2011-10-29 11:19 -------- dc----w- c:\users\Jarda\AppData\Roaming\Avira
2011-10-29 11:18 . 2011-10-11 13:00 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-29 11:18 . 2011-10-11 13:00 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-29 11:18 . 2011-10-11 13:00 134344 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-29 08:59 . 2011-10-29 09:04 301568 ----a-w- c:\windows\system32\cmd.execf
2011-10-29 07:15 . 2011-10-29 07:15 -------- d-----w- c:\windows\ufa
2011-10-28 07:28 . 2011-10-28 07:28 -------- dc----w- c:\program files\DiskCheckerXP
2011-10-28 06:16 . 2011-10-29 07:15 246272 ----a-w- c:\windows\unrar.exe
2011-10-28 06:14 . 2011-10-28 06:14 1198080 ----a-w- c:\windows\services32.exe
2011-10-25 14:27 . 2011-10-25 14:27 -------- dc----w- c:\program files\Common Files\PCSuite
2011-10-25 14:01 . 2011-07-07 23:21 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2011-10-25 14:01 . 2011-07-07 23:21 139880 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2011-10-25 14:01 . 2011-07-07 23:21 65640 ----a-w- c:\windows\system32\nvapo32v.dll
2011-10-25 14:01 . 2011-07-07 23:21 876136 ----a-w- c:\windows\system32\nvhdagenco3220102.dll
2011-10-25 14:00 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-25 14:00 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-25 14:00 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-25 14:00 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2011-10-25 14:00 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-10-25 14:00 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-25 14:00 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2011-10-25 13:50 . 2011-10-25 13:50 -------- d-----w- C:\NVIDIA
2011-10-25 09:14 . 2011-10-25 09:14 -------- dc----w- c:\program files\Music NFO Builder
2011-10-19 13:28 . 2011-10-19 13:28 -------- dc----w- c:\users\Jarda\AppData\Roaming\NVIDIA
2011-10-19 13:27 . 2011-10-19 13:27 -------- dc----w- c:\users\Jarda\AppData\Local\Facebook
2011-10-16 17:48 . 2011-10-16 17:48 -------- dc----w- c:\program files\Common Files\PX Storage Engine
2011-10-16 17:38 . 2011-10-16 17:52 -------- d-----w- c:\programdata\DivX
2011-10-14 19:52 . 2011-10-14 19:52 -------- d-----w- c:\windows\system32\SPReview
2011-10-14 08:25 . 2011-10-14 08:25 -------- d-----w- c:\windows\system32\sda
2011-10-14 08:22 . 2010-10-29 21:11 9888360 ----a-w- c:\windows\system32\RtsUStoricon.dll
2011-10-14 08:22 . 2010-10-29 21:11 197224 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2011-10-14 08:22 . 2010-10-29 21:11 313960 ----a-w- c:\windows\system32\RtsUStor.dll
2011-10-14 07:34 . 2011-10-14 07:34 -------- dc----w- c:\program files\Driver-Soft
2011-10-13 13:17 . 2011-10-13 13:17 -------- dc----w- c:\users\Jarda\AppData\Local\johnsadventures.com
2011-10-13 13:10 . 2011-10-13 13:10 -------- dc----w- c:\users\Jarda\AppData\Roaming\johnsadventures.com
2011-10-13 13:10 . 2011-10-13 13:10 -------- dc----w- c:\program files\johnsadventures.com
2011-10-13 09:16 . 2011-10-13 13:17 -------- dc----w- c:\program files\changeit
2011-10-12 13:58 . 2011-08-27 04:43 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 13:58 . 2011-08-27 04:43 233472 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 13:58 . 2011-08-17 04:26 465408 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 13:58 . 2011-08-17 04:22 75776 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 13:58 . 2011-08-17 04:22 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-12 13:58 . 2011-08-17 04:22 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-12 13:58 . 2011-08-17 04:22 204288 ----a-w- c:\windows\system32\MSNP.ax
2011-10-12 13:58 . 2011-09-06 02:38 2332672 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 13:56 . 2011-06-23 04:38 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-12 13:56 . 2011-06-23 04:38 3902336 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-12 13:54 . 2011-06-21 05:39 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-10-12 13:54 . 2011-07-09 04:30 2048 ----a-w- c:\windows\system32\tzres.dll
2011-10-12 13:54 . 2011-04-28 03:29 60416 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2011-10-12 13:54 . 2011-04-28 03:29 393216 ----a-w- c:\windows\system32\drivers\bthport.sys
2011-10-12 13:48 . 2011-06-15 09:04 86016 ----a-w- c:\windows\system32\odbccu32.dll
2011-10-12 13:48 . 2011-06-15 09:04 81920 ----a-w- c:\windows\system32\odbccr32.dll
2011-10-12 13:48 . 2011-06-15 09:04 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2011-10-12 13:48 . 2011-06-15 09:04 163840 ----a-w- c:\windows\system32\odbctrac.dll
2011-10-12 13:48 . 2011-06-15 09:04 122880 ----a-w- c:\windows\system32\odbccp32.dll
2011-10-12 13:48 . 2011-06-15 09:04 94208 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2011-10-11 20:29 . 2011-10-29 12:05 -------- d-----w- c:\windows\system32\wbem\repository
2011-10-11 11:39 . 2011-10-11 11:42 -------- dc----w- c:\users\Jarda\AppData\Local\Super Internet TV
2011-10-10 17:32 . 2011-10-10 17:32 -------- d-----w- c:\programdata\GroupPolicy
2011-10-10 16:53 . 2011-10-10 16:53 -------- dc----w- c:\program files\Yamicsoft
2011-10-10 15:39 . 2011-10-10 15:39 -------- dc----w- c:\program files\PC Connectivity Solution
2011-10-06 19:36 . 2011-10-06 19:36 11776 -c--a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-10-06 19:35 . 2011-10-06 19:35 -------- dc----w- c:\program files\Common Files\xing shared
2011-10-06 19:35 . 2011-10-06 19:35 150696 -c--a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-10-06 19:35 . 2011-10-06 19:35 107008 -c--a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-10-06 19:34 . 2011-10-11 20:25 -------- dc----w- c:\program files\Real
2011-10-06 11:38 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2011-10-06 11:38 . 2011-10-06 11:38 -------- dc----w- c:\program files\AMD
2011-10-06 11:38 . 2011-10-06 11:38 -------- d-----w- c:\programdata\AMD
2011-10-06 11:21 . 2011-10-06 11:21 -------- d-----w- C:\SwSetup
2011-10-06 08:37 . 2011-10-06 08:37 -------- dc----w- c:\users\Jarda\AppData\Roaming\VS Revo Group
2011-10-05 14:35 . 2011-10-05 14:35 -------- dc----w- c:\users\Jarda\AppData\Roaming\Synaptics
2011-10-05 14:28 . 2011-10-11 20:15 -------- d-----w- c:\programdata\Synaptics
2011-10-05 14:20 . 2011-01-07 01:51 120104 ----a-w- c:\windows\system32\SynTPCo6.dll
2011-10-05 13:55 . 2011-10-27 06:58 -------- dc----w- c:\users\UpdatusUser
2011-10-05 13:54 . 2011-10-15 08:53 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-10-05 13:54 . 2011-10-05 13:54 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-10-05 13:53 . 2011-05-10 09:41 865896 ----a-w- c:\windows\system32\nvhdagenco322040.dll
2011-10-05 13:53 . 2011-10-15 08:53 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-10-05 13:53 . 2011-10-15 08:53 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-10-04 13:31 . 2011-10-04 13:31 -------- dc----w- c:\users\Jarda\AppData\Local\APN
2011-10-04 13:30 . 2011-10-12 10:16 -------- dc----w- c:\program files\The KMPlayer
2011-10-04 09:27 . 2011-10-29 14:01 -------- dc----w- c:\users\Jarda\AppData\Roaming\AIMP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-15 08:53 . 2010-03-16 18:46 6350144 ----a-w- c:\windows\system32\nvcpl.dll
2011-10-15 08:53 . 2010-03-16 18:46 487232 ----a-w- c:\windows\system32\nvhotkey.dll
2011-10-15 08:53 . 2010-03-16 18:46 3840320 ----a-w- c:\windows\system32\nvsvc.dll
2011-10-15 08:53 . 2010-03-16 18:46 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
2011-10-15 08:53 . 2010-03-16 18:46 203072 ----a-w- c:\windows\system32\nvmctray.dll
2011-10-15 08:53 . 2010-03-16 18:46 1136448 ----a-w- c:\windows\system32\nvvsvc.exe
2011-10-15 08:53 . 2010-01-05 17:21 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-10-15 08:53 . 2010-01-05 17:21 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-10-15 08:53 . 2010-01-05 17:21 2458432 ----a-w- c:\windows\system32\nvapi.dll
2011-10-15 08:53 . 2009-11-20 19:33 123712 ----a-w- c:\windows\system32\nvshext.dll
2011-10-05 14:08 . 2011-06-01 16:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2010-07-06 18:05 . 2010-07-06 18:04 19495102 -c--a-w- c:\program files\vlc-1.1.0-win32.exe
2006-01-23 09:32 . 2006-01-23 09:32 131072 -c--a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 09:48 . 2007-02-08 09:48 133920 -c--a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIMP2"="c:\program files\AIMP2\AIMP2.exe" [2010-08-07 1262592]
"BackgroundSwitcher"="c:\program files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe" [2010-11-09 119104]
"Seznam Postak"="c:\users\Jarda\AppData\Local\Seznam.cz\postak.exe" [2011-05-25 491040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C\0autocheck autochk /p \??\C\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-03-28 01:05 1045800 -c--a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 CFcatchme;CFcatchme;c:\users\Jarda\AppData\Local\Temp\CFcatchme.sys [x]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-03-13 47360]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-05 691696]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD FusionUtility Service;AMD FusionUtility Service;c:\program files\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe [2010-04-14 275832]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\AMD\Reservation Manager\AMD Reservation Manager.exe [2010-04-14 140160]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]
S2 ScrybeUpdater;Aktualizátor aplikace Scrybe;c:\program files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2010-12-07 1294848]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-07-07 139880]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-29 197224]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - MBAMSwissArmy
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
2011-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: kuaiche.com\software
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default\
FF - prefs.js: browser.startup.homepage - hxxp://ahoolly.com
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1231980872-3630433492-3231682891-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8c,e6,08,c5,46,1a,2c,ff,94,57,e5,ea,d9,cf,7e,e4,cd,f9,b3,b3,05,0f,ff,
e9,7a,93,ac,f2,71,df,f4,17,14,eb,12,a4,90,cc,fd,88,d7,67,83,3b,45,a1,15,e4,\
"??"=hex:2f,19,2e,25,8f,93,2b,24,e8,c1,3a,76,bb,2e,82,2f
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-10-29 18:18:38
ComboFix-quarantined-files.txt 2011-10-29 16:18
.
Před spuštěním: 9 066 340 352
Po spuštění: 8 711 155 712
.
- - End Of File - - 46EFD9F86042F9C8730F2EC22376515D

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: prevention :p

#8 Post by vyosek »

:arrow: If you have not done so yet, move ComboFix to the desktop
  • Open Notepad (Start-Run-notepad)
  • Copy the script below

    KillAll::
    
    Collect::
    c:\windows\unrar.exe
    c:\windows\services32.exe
    c:\windows\unvise32.exe
    C:\Users\Jarda\Desktop\Flash-Player.exe
    
    Folder::
    C:\Users\Jarda\AppData\Local\Facebook\Update
    c:\windows\av_ico
    c:\windows\update.tray-8-0
    c:\windows\update.tray-8-0-lnk
    c:\windows\ufa
    
    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "FirewallOverride"=dword:00000000
    "DisableThumbnailCache"=dword:00000000
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Users\Jarda\Desktop\Flash-Player.exe"=-
    "C:\Windows\update.1\svchost.exe"=-
    "C:\Windows\update.2\svchost.exe"=-
    "C:\Windows\services32.exe"=-
    
    File::
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
    
    DDS::
    Trusted Zone: kuaiche.com\software
    
    Firefox::
    FF - ProfilePath - c:\users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default\
    FF - prefs.js: browser.startup.homepage - hxxp://ahoolly.com
    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.urlbar.autofill - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 2250000
    FF - user.js: content.notify.backoffcount - 5
    FF - user.js: content.notify.interval - 750000
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: network.http.max-connections - 48
    FF - user.js: network.http.max-connections-per-server - 16
    FF - user.js: network.http.max-persistent-connections-per-proxy - 16
    FF - user.js: network.http.max-persistent-connections-per-server - 8
    FF - user.js: network.http.pipelining - true
    FF - user.js: network.http.pipelining.firstrequest - true
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.proxy.pipelining - true
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: nglayout.initialpaint.delay - 0
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0
    
    RegNull::
    [HKEY_USERS\S-1-5-21-1231980872-3630433492-3231682891-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    
    RegLock::
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
    
    Reboot::
  • Save the created TXT as CFScript.txt
  • Drag the created CFScript.txt over ComboFix and drop it (see the picture below)
    (image)
  • After the script is applied (and a possible restart) a log will pop up; paste its content here
:arrow: It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him, that is no man, that is an ox."
Member (image) since 1 February 2011.
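
Several of the paths that the script in post #8 acts on can be picked out of the log in post #7 mechanically. The following Python script is an added example, not part of the thread and not ComboFix's own logic: it parses log rows of that shape and flags three patterns for manual review. The attribute-column layout (d at index 0, h at index 3), the name lists and the three rules are assumptions made for illustration; the sample rows are excerpted from the logs on this page except the one marked as constructed.

```python
import re
from pathlib import PureWindowsPath

# Rows of the "files created" section: "created . modified size attrs path".
ENTRY_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} \. \d{4}-\d{2}-\d{2} \d{2}:\d{2} "
    r"(?P<size>\d+|-{8}) (?P<attrs>[a-z-]{8}) (?P<path>[A-Za-z]:\\.+)$"
)
# Rows of the deletion sections carry only a path.
BARE_PATH_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+)$")

WINDOWS_ROOT = PureWindowsPath(r"c:\windows")
# Assumption: directories where the process names below normally live.
SYSTEM_DIRS = {PureWindowsPath(r"c:\windows\system32"),
               PureWindowsPath(r"c:\windows\syswow64")}
# Assumption: a short, illustrative list of commonly imitated process names.
SYSTEM_NAMES = {"svchost.exe", "services.exe", "lsass.exe", "csrss.exe"}
EXEC_SUFFIXES = {".exe", ".scr", ".com", ".bat"}

R_NAME = "system process name outside its usual directory"
R_HIDDEN = "hidden directory directly under the Windows root"
R_ROOT = "executable directly in the Windows root"

# The last row is constructed (a legitimate location, to show it is not flagged).
SAMPLE_LOG = r"""
((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-29 )))))))))
.
2011-10-29 12:05 . 2011-10-29 12:05 -------- d-----w- c:\windows\av_ico
2011-10-29 12:03 . 2011-10-29 12:03 -------- d--h--w- c:\windows\update.tray-8-0
2011-10-29 11:18 . 2011-10-11 13:00 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-29 08:59 . 2011-10-29 09:04 301568 ----a-w- c:\windows\system32\cmd.execf
2011-10-28 06:14 . 2011-10-28 06:14 1198080 ----a-w- c:\windows\services32.exe
2011-10-25 14:00 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
c:\windows\update.tray-8-0\svchost.exe
c:\windows\system32\svchost.exe
"""


def parse_line(line):
    """Return a dict for a recognised log row, or None for separators and headers."""
    line = line.strip()
    m = ENTRY_RE.match(line)
    if m:
        attrs = m["attrs"]
        return {
            "path": PureWindowsPath(m["path"]),
            "is_dir": attrs[0] == "d",
            "hidden": attrs[3] == "h",
            "size": None if m["size"].startswith("-") else int(m["size"]),
        }
    m = BARE_PATH_RE.match(line)
    if m:
        # Bare rows do not say whether the path is a file or a directory.
        return {"path": PureWindowsPath(m["path"]), "is_dir": None,
                "hidden": False, "size": None}
    return None


def reasons_for(entry):
    """Apply the three review rules; an empty list means nothing stood out."""
    path = entry["path"]
    reasons = []
    # PureWindowsPath compares case-insensitively, as Windows paths do.
    if path.name.lower() in SYSTEM_NAMES and path.parent not in SYSTEM_DIRS:
        reasons.append(R_NAME)
    if entry["is_dir"] and entry["hidden"] and path.parent == WINDOWS_ROOT:
        reasons.append(R_HIDDEN)
    if (entry["is_dir"] is not True
            and path.suffix.lower() in EXEC_SUFFIXES
            and path.parent == WINDOWS_ROOT):
        reasons.append(R_ROOT)
    return reasons


def triage(log_text):
    """Return [(path, [reasons])] for every row that matches at least one rule."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reasons = reasons_for(entry)
        if reasons:
            findings.append((str(entry["path"]), reasons))
    return findings


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LOG):
        print(f"{path}: {'; '.join(reasons)}")
```

A flag here is a prompt to look at the file, not a verdict: legitimate programs such as explorer.exe also sit directly in the Windows root, which is why the rules are only useful on the "recently created" and deletion sections of the log.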

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

Re: prevention :p

#9 Post by Parkoslav1992 »

ComboFix 11-10-29.03 - Jarda 29.10.2011 22:32:15.5.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2814.1411 [GMT 2:00]
Spuštěný z: c:\users\Jarda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jarda\Desktop\CFscript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job"
.
file zipped: c:\users\Jarda\Desktop\Flash-Player.exe
file zipped: c:\windows\services32.exe
file zipped: c:\windows\unrar.exe
file zipped: c:\windows\unvise32.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jarda\AppData\Local\Facebook\Update
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\FacebookCrashHandler.exe
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\FacebookUpdate.exe
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\FacebookUpdateHelper.msi
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdate.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ar.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_bg.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_bn.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ca.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_cs.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_da.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_de.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_el.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_en-GB.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_en.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_es-419.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_es.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_et.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fa.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fi.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fil.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fr.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_gu.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hi.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hr.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hu.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_id.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_is.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_it.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_iw.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ja.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_kn.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ko.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_lt.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_lv.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ml.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_mr.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ms.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_nl.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_no.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_or.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pl.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pt-BR.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pt-PT.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ro.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ru.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sk.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sl.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sr.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sv.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ta.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_te.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_th.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_tr.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_uk.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ur.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_vi.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_zh-CN.dll
c:\users\Jarda\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_zh-TW.dll
c:\users\Jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\av_ico
c:\windows\av_ico\ico_avira_start.ico
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\update.tray-8-0-lnk
c:\windows\update.tray-8-0-lnk\svchost.exe
c:\windows\update.tray-8-0
c:\windows\update.tray-8-0\svchost.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-29 )))))))))))))))))))))))))))))))
.
.
2011-10-29 20:46 . 2011-10-29 20:50 -------- dc----w- c:\users\Jarda\AppData\Local\temp
2011-10-29 20:46 . 2011-10-29 20:46 -------- dc----w- c:\users\Guest\AppData\Local\temp
2011-10-29 20:46 . 2011-10-29 20:46 -------- dc----w- c:\users\Default\AppData\Local\temp
2011-10-29 20:46 . 2011-10-29 20:46 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-10-29 15:53 . 2011-10-29 20:47 -------- dc----w- c:\users\Jarda\AppData\Local\Seznam.cz
2011-10-29 14:05 . 2011-10-29 20:32 86016 ----a-w- c:\windows\unvise32.exe
2011-10-29 13:54 . 2011-10-29 13:59 -------- dc----w- c:\program files\Progress Studio
2011-10-29 13:13 . 2011-10-29 13:13 -------- dc----w- c:\program files\Peter
2011-10-29 11:19 . 2011-10-29 11:19 -------- dc----w- c:\users\Jarda\AppData\Roaming\Avira
2011-10-29 11:18 . 2011-10-11 13:00 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-29 11:18 . 2011-10-11 13:00 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-29 11:18 . 2011-10-11 13:00 134344 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-29 08:59 . 2011-10-29 09:04 301568 ----a-w- c:\windows\system32\cmd.execf
2011-10-28 07:28 . 2011-10-28 07:28 -------- dc----w- c:\program files\DiskCheckerXP
2011-10-28 06:16 . 2011-10-29 20:32 246272 ----a-w- c:\windows\unrar.exe
2011-10-28 06:14 . 2011-10-29 20:32 1198080 ----a-w- c:\windows\services32.exe
2011-10-25 14:27 . 2011-10-25 14:27 -------- dc----w- c:\program files\Common Files\PCSuite
2011-10-25 14:01 . 2011-07-07 23:21 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2011-10-25 14:01 . 2011-07-07 23:21 139880 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2011-10-25 14:01 . 2011-07-07 23:21 65640 ----a-w- c:\windows\system32\nvapo32v.dll
2011-10-25 14:01 . 2011-07-07 23:21 876136 ----a-w- c:\windows\system32\nvhdagenco3220102.dll
2011-10-25 14:00 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-25 14:00 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-25 14:00 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-25 14:00 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2011-10-25 14:00 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-10-25 14:00 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-25 14:00 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2011-10-25 13:50 . 2011-10-25 13:50 -------- d-----w- C:\NVIDIA
2011-10-25 09:14 . 2011-10-25 09:14 -------- dc----w- c:\program files\Music NFO Builder
2011-10-19 13:28 . 2011-10-19 13:28 -------- dc----w- c:\users\Jarda\AppData\Roaming\NVIDIA
2011-10-19 13:27 . 2011-10-19 13:27 -------- dc----w- c:\users\Jarda\AppData\Local\Facebook
2011-10-16 17:48 . 2011-10-16 17:48 -------- dc----w- c:\program files\Common Files\PX Storage Engine
2011-10-16 17:38 . 2011-10-16 17:52 -------- d-----w- c:\programdata\DivX
2011-10-14 19:52 . 2011-10-14 19:52 -------- d-----w- c:\windows\system32\SPReview
2011-10-14 08:25 . 2011-10-14 08:25 -------- d-----w- c:\windows\system32\sda
2011-10-14 08:22 . 2010-10-29 21:11 9888360 ----a-w- c:\windows\system32\RtsUStoricon.dll
2011-10-14 08:22 . 2010-10-29 21:11 197224 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2011-10-14 08:22 . 2010-10-29 21:11 313960 ----a-w- c:\windows\system32\RtsUStor.dll
2011-10-14 07:34 . 2011-10-14 07:34 -------- dc----w- c:\program files\Driver-Soft
2011-10-13 13:17 . 2011-10-13 13:17 -------- dc----w- c:\users\Jarda\AppData\Local\johnsadventures.com
2011-10-13 13:10 . 2011-10-13 13:10 -------- dc----w- c:\users\Jarda\AppData\Roaming\johnsadventures.com
2011-10-13 13:10 . 2011-10-13 13:10 -------- dc----w- c:\program files\johnsadventures.com
2011-10-13 09:16 . 2011-10-13 13:17 -------- dc----w- c:\program files\changeit
2011-10-12 13:58 . 2011-08-27 04:43 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 13:58 . 2011-08-27 04:43 233472 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 13:58 . 2011-08-17 04:26 465408 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 13:58 . 2011-08-17 04:22 75776 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 13:58 . 2011-08-17 04:22 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-12 13:58 . 2011-08-17 04:22 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-12 13:58 . 2011-08-17 04:22 204288 ----a-w- c:\windows\system32\MSNP.ax
2011-10-12 13:58 . 2011-09-06 02:38 2332672 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 13:56 . 2011-06-23 04:38 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-12 13:56 . 2011-06-23 04:38 3902336 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-12 13:54 . 2011-06-21 05:39 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-10-12 13:54 . 2011-07-09 04:30 2048 ----a-w- c:\windows\system32\tzres.dll
2011-10-12 13:54 . 2011-04-28 03:29 60416 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2011-10-12 13:54 . 2011-04-28 03:29 393216 ----a-w- c:\windows\system32\drivers\bthport.sys
2011-10-12 13:48 . 2011-06-15 09:04 86016 ----a-w- c:\windows\system32\odbccu32.dll
2011-10-12 13:48 . 2011-06-15 09:04 81920 ----a-w- c:\windows\system32\odbccr32.dll
2011-10-12 13:48 . 2011-06-15 09:04 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2011-10-12 13:48 . 2011-06-15 09:04 163840 ----a-w- c:\windows\system32\odbctrac.dll
2011-10-12 13:48 . 2011-06-15 09:04 122880 ----a-w- c:\windows\system32\odbccp32.dll
2011-10-12 13:48 . 2011-06-15 09:04 94208 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2011-10-11 20:29 . 2011-10-29 20:47 -------- d-----w- c:\windows\system32\wbem\repository
2011-10-11 11:39 . 2011-10-11 11:42 -------- dc----w- c:\users\Jarda\AppData\Local\Super Internet TV
2011-10-10 17:32 . 2011-10-10 17:32 -------- d-----w- c:\programdata\GroupPolicy
2011-10-10 16:53 . 2011-10-10 16:53 -------- dc----w- c:\program files\Yamicsoft
2011-10-10 15:39 . 2011-10-10 15:39 -------- dc----w- c:\program files\PC Connectivity Solution
2011-10-06 19:36 . 2011-10-06 19:36 11776 -c--a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-10-06 19:35 . 2011-10-06 19:35 -------- dc----w- c:\program files\Common Files\xing shared
2011-10-06 19:35 . 2011-10-06 19:35 150696 -c--a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-10-06 19:35 . 2011-10-06 19:35 107008 -c--a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-10-06 19:34 . 2011-10-11 20:25 -------- dc----w- c:\program files\Real
2011-10-06 11:38 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2011-10-06 11:38 . 2011-10-06 11:38 -------- dc----w- c:\program files\AMD
2011-10-06 11:38 . 2011-10-06 11:38 -------- d-----w- c:\programdata\AMD
2011-10-06 11:21 . 2011-10-06 11:21 -------- d-----w- C:\SwSetup
2011-10-06 08:37 . 2011-10-06 08:37 -------- dc----w- c:\users\Jarda\AppData\Roaming\VS Revo Group
2011-10-05 14:35 . 2011-10-05 14:35 -------- dc----w- c:\users\Jarda\AppData\Roaming\Synaptics
2011-10-05 14:28 . 2011-10-11 20:15 -------- d-----w- c:\programdata\Synaptics
2011-10-05 14:20 . 2011-01-07 01:51 120104 ----a-w- c:\windows\system32\SynTPCo6.dll
2011-10-05 13:55 . 2011-10-27 06:58 -------- dc----w- c:\users\UpdatusUser
2011-10-05 13:54 . 2011-10-15 08:53 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-10-05 13:54 . 2011-10-05 13:54 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-10-05 13:53 . 2011-05-10 09:41 865896 ----a-w- c:\windows\system32\nvhdagenco322040.dll
2011-10-05 13:53 . 2011-10-15 08:53 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-10-05 13:53 . 2011-10-15 08:53 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-10-04 13:31 . 2011-10-04 13:31 -------- dc----w- c:\users\Jarda\AppData\Local\APN
2011-10-04 13:30 . 2011-10-12 10:16 -------- dc----w- c:\program files\The KMPlayer
2011-10-04 09:27 . 2011-10-29 14:01 -------- dc----w- c:\users\Jarda\AppData\Roaming\AIMP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-15 08:53 . 2010-03-16 18:46 6350144 ----a-w- c:\windows\system32\nvcpl.dll
2011-10-15 08:53 . 2010-03-16 18:46 487232 ----a-w- c:\windows\system32\nvhotkey.dll
2011-10-15 08:53 . 2010-03-16 18:46 3840320 ----a-w- c:\windows\system32\nvsvc.dll
2011-10-15 08:53 . 2010-03-16 18:46 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
2011-10-15 08:53 . 2010-03-16 18:46 203072 ----a-w- c:\windows\system32\nvmctray.dll
2011-10-15 08:53 . 2010-03-16 18:46 1136448 ----a-w- c:\windows\system32\nvvsvc.exe
2011-10-15 08:53 . 2010-01-05 17:21 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-10-15 08:53 . 2010-01-05 17:21 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-10-15 08:53 . 2010-01-05 17:21 2458432 ----a-w- c:\windows\system32\nvapi.dll
2011-10-15 08:53 . 2009-11-20 19:33 123712 ----a-w- c:\windows\system32\nvshext.dll
2011-10-05 14:08 . 2011-06-01 16:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2010-07-06 18:05 . 2010-07-06 18:04 19495102 -c--a-w- c:\program files\vlc-1.1.0-win32.exe
2006-01-23 09:32 . 2006-01-23 09:32 131072 -c--a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 09:48 . 2007-02-08 09:48 133920 -c--a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIMP2"="c:\program files\AIMP2\AIMP2.exe" [2010-08-07 1262592]
"BackgroundSwitcher"="c:\program files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe" [2010-11-09 119104]
"Seznam Postak"="c:\users\Jarda\AppData\Local\Seznam.cz\postak.exe" [2011-05-25 491040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C\0autocheck autochk /p \??\C\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-03-28 01:05 1045800 -c--a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 CFcatchme;CFcatchme;c:\users\Jarda\AppData\Local\Temp\CFcatchme.sys [x]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-03-13 47360]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-05 691696]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD FusionUtility Service;AMD FusionUtility Service;c:\program files\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe [2010-04-14 275832]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\AMD\Reservation Manager\AMD Reservation Manager.exe [2010-04-14 140160]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]
S2 ScrybeUpdater;Aktualizátor aplikace Scrybe;c:\program files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2010-12-07 1294848]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-07-07 139880]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-29 197224]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
2011-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default\
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3144)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\sppsvc.exe
c:\program files\NVIDIA Corporation\System Update\UpdateCenterService.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\taskhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
.
**************************************************************************
.
Celkový čas: 2011-10-29 22:59:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-29 20:59
ComboFix2.txt 2011-10-29 16:18
.
Před spuštěním: 8 714 940 416
Po spuštění: 8 145 809 408
.
- - End Of File - - 55CAC23CD743E6ECF14C7291E817F43F
Nahrání proběhlo úspěšně

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: prevention :p

#10 Post by vyosek »

:arrow: Download OTM (see my signature)
  • If you are using Windows Vista or Windows 7, right-click OTM and choose Run As Administrator (Spustit jako správce)
  • Paste the content shown below into the left-hand box, Paste Instructions for Items to be Moved (under the yellow line)

    :files
    c:\windows\unrar.exe
    c:\windows\services32.exe
    c:\windows\unvise32.exe
    C:\Users\Jarda\Desktop\Flash-Player.exe
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Click the red MoveIt! button
  • You will be prompted to restart; choose Yes. You will then find the log in C:\_OTM\MovedFiles; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

Re: prevention :p

#11 Post by Parkoslav1992 »

All processes killed
========== FILES ==========
c:\windows\unrar.exe moved successfully.
c:\windows\services32.exe moved successfully.
c:\windows\unvise32.exe moved successfully.
C:\Users\Jarda\Desktop\Flash-Player.exe moved successfully.
File/Folder C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job not found.
File/Folder C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jarda
->Temp folder emptied: 20169 bytes
->Temporary Internet Files folder emptied: 412770 bytes
->Java cache emptied: 1810211 bytes
->FireFox cache emptied: 3481933 bytes
->Google Chrome cache emptied: 93936557 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 470 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 131750 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 95,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Jarda
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 10302011_105233

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: prevention :p

#12 Post by vyosek »

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus; it is a false alarm, so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: In safe mode (restart the PC, keep pressing F8, choose Safe Mode with Networking), run these utilities over the PC so that we get rid of the remnants of the antivirus programs you have there
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is; just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: Install PC protection - Avast, Avira or MSE

:arrow: Post a new RSIT log and tell me how the PC is doing

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

Re: prevention :p

#13 Post by Parkoslav1992 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jarda at 2011-10-30 11:37:34
Microsoft Windows 7 Ultimate
System drive C: has 11 GB (22%) free of 50 GB
Total RAM: 2814 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:41:06, on 30.10.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AIMP2\AIMP2.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe
C:\Users\Jarda\AppData\Local\Seznam.cz\postak.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Jarda\Downloads\RSIT.exe
C:\Program Files\trend micro\Jarda.exe
C:\Windows\system32\rundll32.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [AIMP2] C:\Program Files\AIMP2\AIMP2.exe
O4 - HKCU\..\Run: [BackgroundSwitcher] "C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Users\Jarda\AppData\Local\Seznam.cz\postak.exe" -s
O4 - HKUS\S-1-5-21-1231980872-3630433492-3231682891-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1231980872-3630433492-3231682891-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\QIP Infium\infium.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - (no file)
O23 - Service: AMD FusionUtility Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\AMD\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\Windows\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\Windows\system32\lktsrv.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\Windows\system32\nisvcloc.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Aktualizátor aplikace Scrybe (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

--
End of file - 9120 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default

prefs.js - "extensions.enabledItems" - "{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, bkmrksync@nokia.com:1.0.0.740, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"

"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.17]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
FlashGet3.xpi
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsjsrealplayerplugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.xml
fcmdSrch.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default\extensions\
ffxtlbr@Facemoods.com
toolbar@ask.com
{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
{6236BA26-C117-4007-928C-DE0716C7FA80}
{6236BA26-C117-4007-928C-DE0716C7FA96}
{6236BA26-C117-4007-928C-DE0716C7FA99}
{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-06 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Avira SearchFree Toolbar plus Web Protection - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-07-27 1493160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Avira SearchFree Toolbar plus Web Protection - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-07-27 1493160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-07-27 397992]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-10-11 258512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AIMP2"=C:\Program Files\AIMP2\AIMP2.exe [2010-08-07 1262592]
"BackgroundSwitcher"=C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe [2010-11-09 119104]
"Seznam Postak"=C:\Users\Jarda\AppData\Local\Seznam.cz\postak.exe [2011-05-25 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-06-11 203776]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2009-07-14 105984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Jarda\Desktop\Flash-Player.exe"="C:\Users\Jarda\Desktop\Flash-Player.exe:*:Enabled:C:\Users\Jarda\Desktop\Flash-Player.exe"
"C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
"C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:"
"C:\Windows\services32.exe"="C:\Windows\services32.exe:*:Enabled:C:\Windows\services32.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"vidc.mjpg"=pvmjpg30.dll
"vidc.ffds"=ff_vfw.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-10-30 11:37:34 ----D---- C:\rsit
2011-10-30 11:35:52 ----DC---- C:\Program Files\Ask.com
2011-10-30 11:35:10 ----DC---- C:\Program Files\Avira
2011-10-30 11:35:10 ----D---- C:\ProgramData\Avira
2011-10-30 10:47:17 ----HD---- C:\Autorun.inf
2011-10-29 21:50:38 ----SHD---- C:\$RECYCLE.BIN
2011-10-29 21:47:16 ----D---- C:\Windows\temp
2011-10-29 14:54:02 ----DC---- C:\Program Files\Progress Studio
2011-10-29 14:13:11 ----DC---- C:\Program Files\Peter
2011-10-29 12:48:15 ----A---- C:\Windows\winlog-ids.txt
2011-10-29 12:48:15 ----A---- C:\Windows\winlog-dirs.txt
2011-10-29 12:19:35 ----DC---- C:\Users\Jarda\AppData\Roaming\Avira
2011-10-29 12:18:24 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2011-10-29 12:18:22 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-10-29 12:18:22 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-10-29 12:18:22 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-10-29 08:09:05 ----A---- C:\Windows\btc_client_iplist.txt
2011-10-28 08:28:40 ----DC---- C:\Program Files\DiskCheckerXP
2011-10-28 07:16:24 ----A---- C:\Windows\iecheck_iplist.txt
2011-10-28 07:15:21 ----A---- C:\Windows\iplist.txt
2011-10-28 07:14:42 ----A---- C:\Windows\front_ip_list.txt
2011-10-25 15:27:18 ----DC---- C:\Program Files\Common Files\PCSuite
2011-10-25 15:01:08 ----A---- C:\Windows\system32\nvhdap32.dll
2011-10-25 15:01:08 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
2011-10-25 15:01:07 ----A---- C:\Windows\system32\nvhdagenco3220102.dll
2011-10-25 15:01:07 ----A---- C:\Windows\system32\nvapo32v.dll
2011-10-25 15:00:52 ----A---- C:\Windows\system32\OpenCL.dll
2011-10-25 15:00:51 ----A---- C:\Windows\system32\nvoglv32.dll
2011-10-25 15:00:51 ----A---- C:\Windows\system32\nvcuvid.dll
2011-10-25 15:00:51 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-10-25 15:00:51 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-10-25 15:00:50 ----A---- C:\Windows\system32\nvcuda.dll
2011-10-25 15:00:50 ----A---- C:\Windows\system32\nvcompiler.dll
2011-10-25 14:50:05 ----D---- C:\NVIDIA
2011-10-25 10:14:52 ----DC---- C:\Program Files\Music NFO Builder
2011-10-19 14:28:34 ----DC---- C:\Users\Jarda\AppData\Roaming\NVIDIA
2011-10-16 18:48:12 ----DC---- C:\Program Files\Common Files\PX Storage Engine
2011-10-16 18:38:33 ----D---- C:\ProgramData\DivX
2011-10-14 20:52:40 ----D---- C:\Windows\system32\SPReview
2011-10-14 09:25:57 ----D---- C:\Windows\system32\sda
2011-10-14 09:22:13 ----A---- C:\Windows\system32\RtsUStoricon.dll
2011-10-14 09:22:13 ----A---- C:\Windows\system32\drivers\RtsUStor.sys
2011-10-14 09:22:12 ----DC---- C:\Program Files\Realtek
2011-10-14 09:22:12 ----A---- C:\Windows\system32\RtsUStor.dll
2011-10-14 08:34:10 ----DC---- C:\Program Files\Driver-Soft
2011-10-13 14:10:46 ----DC---- C:\Users\Jarda\AppData\Roaming\johnsadventures.com
2011-10-13 14:10:20 ----DC---- C:\Program Files\johnsadventures.com
2011-10-13 10:16:25 ----DC---- C:\Program Files\changeit
2011-10-12 15:58:07 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-12 15:58:06 ----A---- C:\Windows\system32\iertutil.dll
2011-10-12 15:58:05 ----A---- C:\Windows\system32\jscript.dll
2011-10-12 15:58:05 ----A---- C:\Windows\system32\ieui.dll
2011-10-12 15:58:04 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-12 15:58:04 ----A---- C:\Windows\system32\jscript9.dll
2011-10-12 15:58:03 ----A---- C:\Windows\system32\wininet.dll
2011-10-12 15:58:02 ----A---- C:\Windows\system32\urlmon.dll
2011-10-12 15:58:02 ----A---- C:\Windows\system32\url.dll
2011-10-12 15:58:01 ----A---- C:\Windows\system32\ieframe.dll
2011-10-12 15:57:58 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 14:58:28 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-12 14:58:28 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 14:58:26 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 14:58:23 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 14:56:59 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-10-12 14:56:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-10-12 14:55:25 ----A---- C:\Windows\system32\kernel32.dll
2011-10-12 14:55:25 ----A---- C:\Windows\system32\conhost.exe
2011-10-12 14:55:24 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-10-12 14:55:24 ----A---- C:\Windows\system32\winsrv.dll
2011-10-12 14:55:24 ----A---- C:\Windows\system32\KernelBase.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-10-12 14:55:23 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-10-12 14:55:22 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-10-12 14:55:20 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-10-12 14:54:52 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-10-12 14:54:42 ----A---- C:\Windows\system32\tzres.dll
2011-10-12 14:54:33 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-10-12 14:54:33 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-10-12 14:48:17 ----A---- C:\Windows\system32\odbcjt32.dll
2011-10-12 14:48:17 ----A---- C:\Windows\system32\odbccu32.dll
2011-10-12 14:48:17 ----A---- C:\Windows\system32\odbccr32.dll
2011-10-12 14:48:16 ----A---- C:\Windows\system32\odbctrac.dll
2011-10-12 14:48:16 ----A---- C:\Windows\system32\odbccp32.dll
2011-10-10 18:32:58 ----D---- C:\ProgramData\GroupPolicy
2011-10-10 17:53:37 ----DC---- C:\Program Files\Yamicsoft
2011-10-10 16:39:12 ----DC---- C:\Program Files\PC Connectivity Solution
2011-10-06 20:35:42 ----DC---- C:\Program Files\Common Files\xing shared
2011-10-06 20:35:24 ----A---- C:\Windows\system32\rmoc3260.dll
2011-10-06 20:35:12 ----A---- C:\Windows\system32\pndx5032.dll
2011-10-06 20:35:12 ----A---- C:\Windows\system32\pndx5016.dll
2011-10-06 20:34:55 ----DC---- C:\Program Files\Real
2011-10-06 20:34:54 ----D---- C:\ProgramData\Real
2011-10-06 20:34:53 ----DC---- C:\Users\Jarda\AppData\Roaming\Real
2011-10-06 12:38:16 ----A---- C:\Windows\system32\drivers\amdiox86.sys
2011-10-06 12:38:03 ----DC---- C:\Program Files\AMD
2011-10-06 12:38:02 ----D---- C:\ProgramData\AMD
2011-10-06 12:21:48 ----D---- C:\SwSetup
2011-10-06 09:37:08 ----DC---- C:\Users\Jarda\AppData\Roaming\VS Revo Group
2011-10-05 15:35:10 ----DC---- C:\Users\Jarda\AppData\Roaming\Synaptics
2011-10-05 15:28:04 ----D---- C:\ProgramData\Synaptics
2011-10-05 15:20:43 ----A---- C:\Windows\system32\SynTPCo6.dll
2011-10-05 14:54:54 ----A---- C:\Windows\system32\easyupdatusapiu.dll
2011-10-05 14:54:34 ----D---- C:\ProgramData\NVIDIA Corporation
2011-10-05 14:53:25 ----A---- C:\Windows\system32\nvhdagenco322040.dll
2011-10-05 14:53:15 ----A---- C:\Windows\system32\nvgenco32.dll
2011-10-05 14:53:15 ----A---- C:\Windows\system32\nvdispco32.dll
2011-10-04 14:30:41 ----DC---- C:\Program Files\The KMPlayer
2011-10-04 10:27:29 ----DC---- C:\Users\Jarda\AppData\Roaming\AIMP

======List of files/folders modified in the last 1 month======

2011-10-30 11:41:06 ----DC---- C:\Program Files\trend micro
2011-10-30 11:39:08 ----D---- C:\Windows\Prefetch
2011-10-30 11:36:12 ----D---- C:\Windows\inf
2011-10-30 11:36:09 ----SHD---- C:\Windows\Installer
2011-10-30 11:36:05 ----D---- C:\Windows\System32
2011-10-30 11:36:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-30 11:36:03 ----D---- C:\Windows\system32\Tasks
2011-10-30 11:35:56 ----D---- C:\Config.Msi
2011-10-30 11:35:52 ----RDC---- C:\Program Files
2011-10-30 11:35:10 ----D---- C:\ProgramData
2011-10-30 11:34:00 ----D---- C:\Windows\SoftwareDistribution
2011-10-30 11:33:12 ----DC---- C:\Users\Jarda\AppData\Roaming\uTorrent
2011-10-30 11:32:48 ----D---- C:\Windows
2011-10-30 11:30:10 ----D---- C:\Windows\system32\config
2011-10-30 11:06:29 ----SHD---- C:\System Volume Information
2011-10-30 11:04:49 ----D---- C:\Windows\system32\drivers
2011-10-30 10:54:20 ----D---- C:\Windows\tracing
2011-10-30 10:52:53 ----D---- C:\Windows\system32\drivers\etc
2011-10-30 10:52:34 ----D---- C:\Windows\Tasks
2011-10-29 21:50:38 ----A---- C:\Windows\system.ini
2011-10-29 21:39:16 ----D---- C:\Windows\AppPatch
2011-10-29 21:39:13 ----DC---- C:\Program Files\Common Files
2011-10-29 16:43:53 ----DC---- C:\Users\Jarda\AppData\Roaming\esmska
2011-10-29 15:01:08 ----DC---- C:\Users\Jarda\AppData\Roaming\DAEMON Tools Lite
2011-10-29 15:01:06 ----D---- C:\Windows\Panther
2011-10-29 15:00:15 ----DC---- C:\Program Files\CCleaner
2011-10-29 12:18:59 ----D---- C:\Windows\system32\catroot
2011-10-29 12:03:58 ----SD---- C:\ProgramData\Microsoft
2011-10-29 09:47:15 ----D---- C:\Windows\Downloaded Program Files
2011-10-29 09:09:12 ----DC---- C:\Program Files\Opera
2011-10-25 15:34:59 ----DC---- C:\Users\Jarda\AppData\Roaming\PC Suite
2011-10-25 15:29:09 ----D---- C:\Windows\system32\DriverStore
2011-10-25 15:27:17 ----DC---- C:\Program Files\Nokia
2011-10-25 15:27:17 ----DC---- C:\Program Files\Common Files\Nokia
2011-10-25 15:22:02 ----D---- C:\ProgramData\Installations
2011-10-25 15:06:46 ----D---- C:\ProgramData\NVIDIA
2011-10-25 15:03:54 ----D---- C:\Windows\system32\catroot2
2011-10-25 10:28:02 ----DC---- C:\Program Files\uTorrent
2011-10-25 09:26:32 ----DC---- C:\Users\Jarda\AppData\Roaming\Skype
2011-10-19 21:25:22 ----DC---- C:\Users\Jarda\AppData\Roaming\DivX
2011-10-18 08:58:07 ----DC---- C:\Program Files\Application Updater
2011-10-18 08:47:43 ----DC---- C:\Program Files\ESET
2011-10-16 18:52:24 ----DC---- C:\Program Files\DivX
2011-10-16 18:52:22 ----DC---- C:\Program Files\Common Files\DivX Shared
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvwgf2um.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvvsvc.exe
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvsvcr.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvsvc.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvshext.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvmctray.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvhotkey.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvd3dum.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvcpl.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvapi.dll
2011-10-14 10:47:01 ----D---- C:\ProgramData\Microsoft Help
2011-10-14 09:24:57 ----HDC---- C:\Program Files\InstallShield Installation Information
2011-10-13 09:23:12 ----D---- C:\Windows\winsxs
2011-10-12 20:28:29 ----D---- C:\ProgramData\Pinnacle
2011-10-12 19:16:46 ----D---- C:\Windows\Microsoft.NET
2011-10-12 19:16:40 ----RSD---- C:\Windows\assembly
2011-10-12 17:16:50 ----D---- C:\Windows\debug
2011-10-12 16:19:58 ----D---- C:\Windows\ehome
2011-10-12 16:19:57 ----DC---- C:\Program Files\Internet Explorer
2011-10-12 16:19:57 ----D---- C:\Windows\system32\migration
2011-10-12 16:19:55 ----D---- C:\Windows\system32\zh-TW
2011-10-12 16:19:55 ----D---- C:\Windows\system32\zh-CN
2011-10-12 16:19:55 ----D---- C:\Windows\system32\uk-UA
2011-10-12 16:19:55 ----D---- C:\Windows\system32\th-TH
2011-10-12 16:19:55 ----D---- C:\Windows\system32\sv-SE
2011-10-12 16:19:55 ----D---- C:\Windows\system32\sr-Latn-CS
2011-10-12 16:19:55 ----D---- C:\Windows\system32\sl-SI
2011-10-12 16:19:55 ----D---- C:\Windows\system32\sk-SK
2011-10-12 16:19:55 ----D---- C:\Windows\system32\ru-RU
2011-10-12 16:19:55 ----D---- C:\Windows\system32\ro-RO
2011-10-12 16:19:55 ----D---- C:\Windows\system32\pt-BR
2011-10-12 16:19:55 ----D---- C:\Windows\system32\pl-PL
2011-10-12 16:19:55 ----D---- C:\Windows\system32\nl-NL
2011-10-12 16:19:55 ----D---- C:\Windows\system32\nb-NO
2011-10-12 16:19:55 ----D---- C:\Windows\system32\ko-KR
2011-10-12 16:19:55 ----D---- C:\Windows\system32\it-IT
2011-10-12 16:19:55 ----D---- C:\Windows\system32\hr-HR
2011-10-12 16:19:55 ----D---- C:\Windows\system32\he-IL
2011-10-12 16:19:55 ----D---- C:\Windows\system32\fr-FR
2011-10-12 16:19:55 ----D---- C:\Windows\system32\fi-FI
2011-10-12 16:19:55 ----D---- C:\Windows\system32\et-EE
2011-10-12 16:19:55 ----D---- C:\Windows\system32\es-ES
2011-10-12 16:19:55 ----D---- C:\Windows\system32\en-US
2011-10-12 16:19:55 ----D---- C:\Windows\system32\de-DE
2011-10-12 16:19:55 ----D---- C:\Windows\system32\da-DK
2011-10-12 16:19:55 ----D---- C:\Windows\system32\cs-CZ
2011-10-12 16:19:55 ----D---- C:\Windows\system32\bg-BG
2011-10-12 16:19:55 ----D---- C:\Windows\system32\ar-SA
2011-10-11 21:29:24 ----D---- C:\Windows\system32\wbem
2011-10-11 21:27:28 ----D---- C:\Windows\system32\wfp
2011-10-11 21:25:49 ----DC---- C:\Users\Jarda\AppData\Roaming\GHISLER
2011-10-11 21:25:49 ----DC---- C:\Program Files\TVAnts
2011-10-11 21:25:44 ----DC---- C:\Program Files\Esmska
2011-10-11 21:25:44 ----DC---- C:\Program Files\AutoPowerOn
2011-10-11 21:25:44 ----D---- C:\5130079e151d0ddc3fd6
2011-10-11 21:25:34 ----D---- C:\Windows\system32\CodeIntegrity
2011-10-11 21:25:33 ----D---- C:\Windows\servicing
2011-10-11 21:25:12 ----DC---- C:\Program Files\RealVNC
2011-10-11 21:25:03 ----DC---- C:\Program Files\PowerISO
2011-10-11 21:25:03 ----DC---- C:\Program Files\Pinnacle
2011-10-11 21:25:02 ----DC---- C:\Program Files\MadZ Clone DVD Pro
2011-10-11 21:25:02 ----DC---- C:\Program Files\LG Electronics
2011-10-11 21:14:30 ----DC---- C:\Program Files\Microsoft Visual Studio 8
2011-10-11 21:13:46 ----DC---- C:\Program Files\DVD Maker
2011-10-11 21:13:45 ----DC---- C:\Program Files\Common Files\microsoft shared
2011-10-10 16:39:20 ----DC---- C:\Windows\system32\DRVSTORE
2011-10-09 20:49:47 ----DC---- C:\Users\Jarda\AppData\Roaming\vlc
2011-10-06 20:35:09 ----A---- C:\Windows\system32\pncrt.dll
2011-10-05 15:28:04 ----DC---- C:\Program Files\Synaptics
2011-10-05 14:56:15 ----DC---- C:\Program Files\NVIDIA Corporation
2011-10-05 14:55:53 ----DC---- C:\Program Files\Common Files\Wise Installation Wizard
2011-10-05 14:55:18 ----RDC---- C:\Users
2011-10-05 09:09:48 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-05 691696]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-10-11 134344]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-11-09 59388]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 cvintdrv;cvintdrv; C:\Windows\system32\drivers\cvintdrv.sys [2007-02-21 4096]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-17 12672]
R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\Windows\nvflash.sys [2009-01-07 36896]
R2 PStrip;PStrip; C:\Windows\system32\drivers\pstrip.sys [2007-07-15 27992]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-09 1096704]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-06-14 475648]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-07-08 139880]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-10-29 197224]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
S2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-10-11 74640]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\ar5211.sys [2006-06-13 507424]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 CFcatchme;CFcatchme; \??\C:\Users\Jarda\AppData\Local\Temp\CFcatchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-03-06 25280]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-02-12 980992]
S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-02-12 207360]
S3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
S3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\Windows\system32\drivers\nhcDriver.sys [2010-02-28 22528]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 NVR0Dev;NVR0Dev; \??\C:\Windows\nvoclock.sys [2008-10-24 36640]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-03-13 47360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-02-12 661504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD FusionUtility Service;AMD FusionUtility Service; C:\Program Files\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe [2010-04-14 275832]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\AMD\Reservation Manager\AMD Reservation Manager.exe [2010-04-14 140160]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-07-23 387616]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 LkCitadelServer;Lookout Citadel Server; C:\Windows\system32\lkcitdl.exe [2007-01-22 695136]
R2 lkClassAds;National Instruments PSP Server Locator; C:\Windows\system32\lkads.exe [2007-02-14 56096]
R2 lkTimeSync;National Instruments Time Synchronization; C:\Windows\system32\lktsrv.exe [2007-02-14 64288]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2007-02-14 207648]
R2 niSvcLoc;NI Service Locator; C:\Windows\system32\nisvcloc.exe [2007-02-21 56096]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-07-23 178720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1136448]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ScrybeUpdater;Aktualizátor aplikace Scrybe; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2010-12-07 1294848]
R2 UpdateCenterService;Update Center Service; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2009-01-07 121376]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-10-11 463824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1343400]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]

-----------------EOF-----------------


The PC is mostly without problems.. apart from a few problems with partition D when detecting problems

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: prevention :p

#14 Post by vyosek »

:arrow: Uninstall Avira SearchFree Toolbar plus Web Protection (Ask.com)

:arrow: Open Notepad
  • Start->Run->notepad
  • Paste the text below
  • Code:

    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Users\Jarda\Desktop\Flash-Player.exe"=-
    "C:\Windows\update.1\svchost.exe"=-
    "C:\Windows\update.2\svchost.exe"=-
    "C:\Windows\services32.exe"=-
  • Save the file as oprava.reg
  • When saving, choose the file type All files (the setting is shown in the image below)
  • [Image]
  • Close Notepad and run oprava.reg by double-clicking it
  • Confirm any prompt about changing the registry
  • The window just flashes and repairs the registry - you can then delete the file
:arrow: What do you mean by those problems :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.
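
An added example, not part of vyosek's post and not RSIT output: it reads the `"path"=-` deletion lines of oprava.reg and reports, for each firewall allow-list path, traits that can be checked mechanically. The list of system binary names, the folder pattern and all function names are assumptions made for this illustration.

```python
import ntpath
import re

# Assumed short list of Windows binaries whose legitimate home is System32.
SYSTEM_BINARIES = {"svchost.exe", "services.exe", "lsass.exe", "csrss.exe", "winlogon.exe"}
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
# Assumed pattern for folders an unprivileged user can write to.
USER_WRITABLE = re.compile(r"^c:\\users\\[^\\]+\\(desktop|downloads|appdata)(\\|$)")

# The oprava.reg text from the post above.
OPRAVA_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Jarda\Desktop\Flash-Player.exe"=-
"C:\Windows\update.1\svchost.exe"=-
"C:\Windows\update.2\svchost.exe"=-
"C:\Windows\services32.exe"=-
'''

def deleted_values(reg_text):
    """Return the value names a .reg file deletes (lines of the form "name"=-)."""
    names = []
    for line in reg_text.splitlines():
        m = re.match(r'^\s*"(.*)"\s*=\s*-\s*$', line)
        if m:
            # Accept the escaped form ("C:\\Windows\\...") as well.
            names.append(m.group(1).replace("\\\\", "\\"))
    return names

def review_entry(path):
    """Return the reasons why an allow-list path deserves a closer look."""
    norm = ntpath.normpath(path.strip().strip('"')).lower()
    folder, name = ntpath.split(norm)
    reasons = []
    if name in SYSTEM_BINARIES and folder not in SYSTEM_DIRS:
        reasons.append("system binary name outside System32")
    stem, ext = ntpath.splitext(name)
    lookalike = re.sub(r"\d+$", "", stem) + ext  # services32.exe -> services.exe
    if name not in SYSTEM_BINARIES and lookalike in SYSTEM_BINARIES:
        reasons.append("name imitates " + lookalike)
    if USER_WRITABLE.match(norm):
        reasons.append("runs from a user-writable folder")
    return reasons

def review_reg(reg_text):
    """Map every path deleted by the .reg text to its list of reasons."""
    return {p: review_entry(p) for p in deleted_values(reg_text)}

if __name__ == "__main__":
    for path, reasons in review_reg(OPRAVA_REG).items():
        print(path, "->", "; ".join(reasons) or "nothing flagged")
```
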

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

Re: prevention :p

#15 Post by Parkoslav1992 »

By those problems I mean that disk D was displayed normally but it could not be opened... it said something like the system does not have access to the DISK... but now everything is OK.. :)
