
Hello, could you please check my log ..

Posted: 02 Dec 2011 11:35
by Jan55
Logfile of random's system information tool 1.09 (written by random/random)
Run by Pc at 2011-12-02 11:34:23
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 28 GB (18%) free of 153 GB
Total RAM: 2038 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:34:50, on 2.12.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Display Stix 2.5\dstix.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\rundll32.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\Downloads\RSIT.exe
C:\Program Files\trend micro\Pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\SCROLL~1\MouseElf.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Display Stix - System tray] C:\Program Files\Display Stix 2.5\dstix.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Core Temp – zástupce.lnk = C:\Program Files\Coretemp\Core Temp.exe
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{FCC7A950-CE38-4518-AA3B-94FC1A517BD3}: NameServer = 8.8.8.8
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: SafeBoot Client Manager (SafeBootClientManager) - McAfee, Inc. - C:\Program Files\McAfee\Endpoint Encryption for PC\SbClientManager.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\Uvecko\WinVNC.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 15255 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000UA.job
C:\Windows\tasks\Norton Security Scan for Pc.job
C:\Windows\tasks\User_Feed_Synchronization-{E875D9AB-1FAE-4C9C-B680-6FECD6E3AF47}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, myfxva@Merci.chao:1.2.1, {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1, {2A1D5949-B519-4924-BF62-8522FE0D5274}:0.13, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4, {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908, noia2_option@kk.noia:3.76, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.3.3&q="

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\PROGRA~1\Crawler\firefox\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
npRACtrl.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
LMIProxyHelper.exe
np-mswmp.dll
npdeploytk.dll
NPOFFICE.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npRACtrl.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class
ractrlkeyhook.dll
unicows.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.bak
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\
myfxva@Merci.chao
noia2_option@kk.noia
{07b2a769-ed19-4483-87ce-c643914c81bb}
{0F4F7F5C-C791-4951-8D9C-A0847AD03A7B}
{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-15 1218000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Program Files\PcTranslator2005\WEBIE.DLL [2008-04-25 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-05-26 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-04-25 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-04-25 2403392]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Program Files\PcTranslator2005\WEBIE.DLL [2008-04-25 360448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-03-11 159744]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]
""= []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-04-18 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-04-18 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-04-18 141848]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]
"mouseElf"=C:\PROGRA~1\SCROLL~1\MouseElf.EXE [2005-12-16 438364]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2011-08-31 1047208]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Display Stix - System tray"=C:\Program Files\Display Stix 2.5\dstix.exe [2004-04-24 245760]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"WEBTRAN"= []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"Google Update"=C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-17 136176]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Communicator]
C:\Program Files\Microsoft Office Communicator\communicator.exe [2008-12-16 5160288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43]
C:\Program Files\dvd43\dvd43_tray.exe [2006-05-22 694272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe [2008-07-22 2772992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-10-03 480560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
C:\Genius\ioCentre\gTaskBar.exe [2007-04-13 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-02-28 63048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-10-02 1783808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-05-26 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [2008-10-28 96816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinVNC – zástupce.lnk]
C:\PROGRA~1\TightVNC\WinVNC.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Core Temp – zástupce.lnk - C:\Program Files\Coretemp\Core Temp.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-04-18 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=SbNp
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispScrSavPage"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.sl_anet"=sl_anet.acm
"msacm.divxa32"=divxa32.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.VMnc"=vmnc.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2011-12-02 11:30:35 ----D---- C:\Program Files\trend micro
2011-12-02 11:30:34 ----D---- C:\rsit
2011-11-23 17:29:30 ----D---- C:\ProgramData\McAfee Security Scan
2011-11-23 17:29:30 ----D---- C:\ProgramData\McAfee
2011-11-23 17:29:26 ----D---- C:\Program Files\McAfee Security Scan
2011-11-17 12:24:19 ----D---- C:\Program Files\Common Files\Symantec Shared

======List of files/folders modified in the last 1 month======

2011-12-02 11:34:46 ----D---- C:\Windows\Temp
2011-12-02 11:34:09 ----D---- C:\Users\Pc\AppData\Roaming\SWF.max
2011-12-02 11:33:26 ----D---- C:\Windows\Prefetch
2011-12-02 11:30:35 ----RD---- C:\Program Files
2011-12-02 10:29:15 ----D---- C:\Windows\System32
2011-12-02 10:29:15 ----D---- C:\Windows\inf
2011-12-02 10:29:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-02 10:23:02 ----D---- C:\Windows\tracing
2011-12-02 10:23:02 ----D---- C:\ProgramData\VMware
2011-12-01 21:58:30 ----SHD---- C:\System Volume Information
2011-12-01 19:44:36 ----D---- C:\Users\Pc\AppData\Roaming\Skype
2011-12-01 18:01:49 ----D---- C:\Hudba
2011-11-30 21:13:45 ----D---- C:\Users\Pc\AppData\Roaming\vlc
2011-11-30 20:43:22 ----D---- C:\Users\Pc\AppData\Roaming\XnView
2011-11-29 22:21:17 ----D---- C:\Users\Pc\AppData\Roaming\.purple
2011-11-27 20:59:00 ----D---- C:\Foto
2011-11-23 22:04:21 ----D---- C:\Filmy
2011-11-23 17:29:30 ----HD---- C:\ProgramData
2011-11-21 22:28:02 ----D---- C:\Users\Pc\AppData\Roaming\dvdcss
2011-11-17 20:17:13 ----D---- C:\temp
2011-11-17 12:24:19 ----D---- C:\Program Files\Common Files
2011-11-10 22:25:17 ----D---- C:\Users\Pc\AppData\Roaming\uTorrent
2011-11-10 19:25:39 ----D---- C:\Program Files\Mozilla Firefox
2011-11-08 18:54:43 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2009-04-29 103760]
R0 SBAlg;SBAlg; C:\Windows\system32\drivers\SBAlg.sys [2008-08-13 44976]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2009-04-29 6496]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2009-04-29 33328]
R1 SbFlop;SbFlop; C:\Windows\system32\drivers\SbFlop.sys [2009-04-29 34480]
R1 SbRegFlt;SbRegFlt; C:\Windows\system32\drivers\SbRegFlt.sys [2009-04-29 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-10-02 141312]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-01-31 231248]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2008-10-28 32304]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2008-10-18 47640]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 nxsIO32;NextSensor Kernel I/O Driver; \??\C:\Windows\System32\DRIVERS\nxsIO32.sys [2008-04-24 2208]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 vmci;VMware vmci; \??\C:\Windows\system32\Drivers\vmci.sys [2008-10-28 54960]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2008-10-28 31280]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2008-10-28 26288]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\Drivers\vmx86.sys [2008-10-28 857392]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys [2008-10-02 22448]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-04-18 141312]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-08-28 146560]
R3 axsaki;axsaki; C:\Windows\system32\DRIVERS\axsaki.sys [2003-03-30 102624]
R3 axskbus;axskbus; C:\Windows\system32\DRIVERS\axskbus.sys [2003-03-28 8640]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-12-12 80936]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-12-12 16168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 dvd43llh;dvd43llh; C:\Windows\System32\DRIVERS\dvd43llh.sys [2008-08-17 18816]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys [2007-03-13 9856]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-04-18 2354176]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2008-02-28 10144]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 22216]
R3 mdf15;mdf15; \??\C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys [2010-03-18 12288]
R3 mvd21;mvd21; \??\C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys [2010-06-14 64512]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2008-03-13 2555392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2008-10-28 23216]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2008-10-28 16560]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
S3 ALSysIO;ALSysIO; \??\C:\Users\Pc\AppData\Local\Temp\ALSysIO.sys []
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv.sys [2008-07-21 273152]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-12-12 80424]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2007-04-13 16384]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-06-13 25280]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-08-01 164864]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 k600bus;Sony Ericsson 600i driver (WDM); C:\Windows\system32\DRIVERS\k600bus.sys [2005-03-04 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k600mdfl.sys [2005-03-04 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k600mdm.sys [2005-03-04 87456]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k600obex.sys [2005-03-04 77072]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\system32\NSNDIS5.SYS [2004-03-24 17280]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2008-09-10 352256]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-07-15 409600]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2010-12-08 374152]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2011-06-06 2468168]
R2 SafeBootClientManager;SafeBoot Client Manager; C:\Program Files\McAfee\Endpoint Encryption for PC\SbClientManager.exe [2009-04-23 380988]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-10-02 570880]
R2 SZASSIST;SecretZone Assist Service; C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
R2 TeamViewer;TeamViewer 3; C:\Program Files\TeamViewer3\TeamViewer_Host.exe [2008-06-20 181544]
R2 uvnc_service;uvnc_service; C:\Program Files\Uvecko\WinVNC.exe [2009-04-03 1693128]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2008-10-28 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\system32\vmnetdhcp.exe [2008-10-28 326192]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\system32\vmnat.exe [2008-10-28 399920]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 .EsetTrialReset;Eset Trial Reset; C:\Windows\system32\regedt32.exe [2006-11-02 9216]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-04-25 69632]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-05-01 654848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-25 138168]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2007-12-05 144688]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2006-10-01 16384]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2008-10-02 191024]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe []
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2010-12-16 136584]
S4 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2010-12-16 390528]

-----------------EOF-----------------

Re: Hello, please check my log ..

Posted: 02 Dec 2011 13:08
by vyosek
Hello, and I wish you a nice day :)

:arrow: What are we going to do about that illegal ESET Smart Security :???: The forum rules speak clearly about the possibility of help in such a case

Re: Hello, please check my log ..

Posted: 02 Dec 2011 13:57
by Jan55
I apologize, this is not my PC, so I didn't realize that. Here is a new log : )


Logfile of random's system information tool 1.09 (written by random/random)
Run by Pc at 2011-12-02 13:53:25
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 32 GB (21%) free of 153 GB
Total RAM: 2038 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:55:27, on 2.12.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Display Stix 2.5\dstix.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Pc\Downloads\RSIT.exe
C:\Program Files\trend micro\Pc.exe
C:\Program Files\Java\jre6\bin\jucheck.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\SCROLL~1\MouseElf.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Display Stix - System tray] C:\Program Files\Display Stix 2.5\dstix.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Core Temp – zástupce.lnk = C:\Program Files\Coretemp\Core Temp.exe
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PcTranslator2005\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{FCC7A950-CE38-4518-AA3B-94FC1A517BD3}: NameServer = 8.8.8.8
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: SafeBoot Client Manager (SafeBootClientManager) - McAfee, Inc. - C:\Program Files\McAfee\Endpoint Encryption for PC\SbClientManager.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\Uvecko\WinVNC.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 14945 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000UA.job
C:\Windows\tasks\Norton Security Scan for Pc.job
C:\Windows\tasks\User_Feed_Synchronization-{E875D9AB-1FAE-4C9C-B680-6FECD6E3AF47}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, myfxva@Merci.chao:1.2.1, {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1, {2A1D5949-B519-4924-BF62-8522FE0D5274}:0.13, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4, {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908, noia2_option@kk.noia:3.76, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.3.3&q="

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\PROGRA~1\Crawler\firefox\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
npRACtrl.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
LMIProxyHelper.exe
np-mswmp.dll
npdeploytk.dll
NPOFFICE.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npRACtrl.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class
ractrlkeyhook.dll
unicows.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.bak
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\
myfxva@Merci.chao
noia2_option@kk.noia
{07b2a769-ed19-4483-87ce-c643914c81bb}
{0F4F7F5C-C791-4951-8D9C-A0847AD03A7B}
{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-15 1218000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Program Files\PcTranslator2005\WEBIE.DLL [2008-04-25 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-05-26 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-04-25 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-04-25 2403392]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Program Files\PcTranslator2005\WEBIE.DLL [2008-04-25 360448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-03-11 159744]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]
""= []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-04-18 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-04-18 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-04-18 141848]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"mouseElf"=C:\PROGRA~1\SCROLL~1\MouseElf.EXE [2005-12-16 438364]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2011-08-31 1047208]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Display Stix - System tray"=C:\Program Files\Display Stix 2.5\dstix.exe [2004-04-24 245760]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"WEBTRAN"= []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"Google Update"=C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-17 136176]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Communicator]
C:\Program Files\Microsoft Office Communicator\communicator.exe [2008-12-16 5160288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43]
C:\Program Files\dvd43\dvd43_tray.exe [2006-05-22 694272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe [2008-07-22 2772992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-10-03 480560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
C:\Genius\ioCentre\gTaskBar.exe [2007-04-13 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-02-28 63048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-10-02 1783808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-05-26 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [2008-10-28 96816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinVNC – zástupce.lnk]
C:\PROGRA~1\TightVNC\WinVNC.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Core Temp – zástupce.lnk - C:\Program Files\Coretemp\Core Temp.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-04-18 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=SbNp
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispScrSavPage"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.sl_anet"=sl_anet.acm
"msacm.divxa32"=divxa32.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.VMnc"=vmnc.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2011-12-02 11:30:35 ----D---- C:\Program Files\trend micro
2011-12-02 11:30:34 ----D---- C:\rsit
2011-11-23 17:29:30 ----D---- C:\ProgramData\McAfee Security Scan
2011-11-23 17:29:30 ----D---- C:\ProgramData\McAfee
2011-11-23 17:29:26 ----D---- C:\Program Files\McAfee Security Scan
2011-11-17 12:24:19 ----D---- C:\Program Files\Common Files\Symantec Shared

======List of files/folders modified in the last 1 month======

2011-12-02 13:53:51 ----D---- C:\Windows\Temp
2011-12-02 13:53:12 ----D---- C:\Users\Pc\AppData\Roaming\SWF.max
2011-12-02 13:49:33 ----D---- C:\Windows\tracing
2011-12-02 13:49:32 ----D---- C:\ProgramData\VMware
2011-12-02 13:46:50 ----SHD---- C:\Windows\Installer
2011-12-02 13:46:44 ----D---- C:\Windows\system32\drivers
2011-12-02 13:46:42 ----D---- C:\Windows\system32\catroot
2011-12-02 13:46:42 ----D---- C:\Windows\Prefetch
2011-12-02 13:46:42 ----D---- C:\Windows\inf
2011-12-02 13:25:35 ----D---- C:\Windows\System32
2011-12-02 13:25:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-02 13:24:19 ----D---- C:\Users\Pc\AppData\Roaming\vlc
2011-12-02 11:30:35 ----RD---- C:\Program Files
2011-12-01 21:58:30 ----SHD---- C:\System Volume Information
2011-12-01 19:44:36 ----D---- C:\Users\Pc\AppData\Roaming\Skype
2011-12-01 18:01:49 ----D---- C:\Hudba
2011-11-30 20:43:22 ----D---- C:\Users\Pc\AppData\Roaming\XnView
2011-11-29 22:21:17 ----D---- C:\Users\Pc\AppData\Roaming\.purple
2011-11-27 20:59:00 ----D---- C:\Foto
2011-11-23 22:04:21 ----D---- C:\Filmy
2011-11-23 17:29:30 ----HD---- C:\ProgramData
2011-11-21 22:28:02 ----D---- C:\Users\Pc\AppData\Roaming\dvdcss
2011-11-17 20:17:13 ----D---- C:\temp
2011-11-17 12:24:19 ----D---- C:\Program Files\Common Files
2011-11-10 22:25:17 ----D---- C:\Users\Pc\AppData\Roaming\uTorrent
2011-11-10 19:25:39 ----D---- C:\Program Files\Mozilla Firefox
2011-11-08 18:54:43 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2009-04-29 103760]
R0 SBAlg;SBAlg; C:\Windows\system32\drivers\SBAlg.sys [2008-08-13 44976]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2009-04-29 6496]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2009-04-29 33328]
R1 SbFlop;SbFlop; C:\Windows\system32\drivers\SbFlop.sys [2009-04-29 34480]
R1 SbRegFlt;SbRegFlt; C:\Windows\system32\drivers\SbRegFlt.sys [2009-04-29 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-10-02 141312]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-01-31 231248]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2008-10-28 32304]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2008-10-18 47640]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 nxsIO32;NextSensor Kernel I/O Driver; \??\C:\Windows\System32\DRIVERS\nxsIO32.sys [2008-04-24 2208]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 vmci;VMware vmci; \??\C:\Windows\system32\Drivers\vmci.sys [2008-10-28 54960]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2008-10-28 31280]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2008-10-28 26288]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\Drivers\vmx86.sys [2008-10-28 857392]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys [2008-10-02 22448]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-04-18 141312]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-08-28 146560]
R3 axsaki;axsaki; C:\Windows\system32\DRIVERS\axsaki.sys [2003-03-30 102624]
R3 axskbus;axskbus; C:\Windows\system32\DRIVERS\axskbus.sys [2003-03-28 8640]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-12-12 80936]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-12-12 16168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 dvd43llh;dvd43llh; C:\Windows\System32\DRIVERS\dvd43llh.sys [2008-08-17 18816]
R3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys [2007-03-13 9856]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-04-18 2354176]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2008-02-28 10144]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 22216]
R3 mdf15;mdf15; \??\C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys [2010-03-18 12288]
R3 mvd21;mvd21; \??\C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys [2010-06-14 64512]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2008-03-13 2555392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2008-10-28 23216]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2008-10-28 16560]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S3 ALSysIO;ALSysIO; \??\C:\Users\Pc\AppData\Local\Temp\ALSysIO.sys []
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv.sys [2008-07-21 273152]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-12-12 80424]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2007-04-13 16384]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-06-13 25280]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-08-01 164864]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 k600bus;Sony Ericsson 600i driver (WDM); C:\Windows\system32\DRIVERS\k600bus.sys [2005-03-04 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k600mdfl.sys [2005-03-04 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k600mdm.sys [2005-03-04 87456]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k600obex.sys [2005-03-04 77072]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\system32\NSNDIS5.SYS [2004-03-24 17280]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2008-09-10 352256]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-07-15 409600]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2010-12-08 374152]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2011-06-06 2468168]
R2 SafeBootClientManager;SafeBoot Client Manager; C:\Program Files\McAfee\Endpoint Encryption for PC\SbClientManager.exe [2009-04-23 380988]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-10-02 570880]
R2 SZASSIST;SecretZone Assist Service; C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
R2 TeamViewer;TeamViewer 3; C:\Program Files\TeamViewer3\TeamViewer_Host.exe [2008-06-20 181544]
R2 uvnc_service;uvnc_service; C:\Program Files\Uvecko\WinVNC.exe [2009-04-03 1693128]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2008-10-28 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\system32\vmnetdhcp.exe [2008-10-28 326192]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\system32\vmnat.exe [2008-10-28 399920]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 .EsetTrialReset;Eset Trial Reset; C:\Windows\system32\regedt32.exe [2006-11-02 9216]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-04-25 69632]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-05-01 654848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-25 138168]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2007-12-05 144688]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2006-10-01 16384]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2008-10-02 191024]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe []
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2010-12-16 136584]
S4 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2010-12-16 390528]

-----------------EOF-----------------

Re: Hello, please check my log ..

Posted: 02 Dec 2011 22:11
by vyosek
I would lean toward the Avast, Avira or MSE antivirus rather than McAfee

Download OTL (see my signature) and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • If you use a 64-bit OS, check whether the "Pro 64 bitové OS" (For 64-bit OS) box is ticked; if it is not, tick it
  • Tick the "Pro vsechny uzivatele" (For all users) box
  • Tick the Kontrola na havet "LOP" (LOP check) box
  • Tick the Kontrola na havet "Purity" (Purity check) box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, "Vlastni skenovani/opravy" (Custom scans/fixes)
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
    
    type c:\boot.ini >> test.txt /c
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the "Prohledat" (Scan) button
  • When the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; paste both of them here

Re: Hello, please check my log ..

Posted: 02 Dec 2011 23:49
by Jan55
OTL logfile created on: 2.12.2011 23:00:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Pc\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 44,17% Memory free
1,93 Gb Paging File | 0,79 Gb Available in Paging File | 40,97% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 30,91 Gb Free Space | 20,74% Space Free | Partition Type: NTFS
Drive E: | 592,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC-PC | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.12.02 22:55:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Pc\Desktop\OTL.exe
PRC - [2011.08.31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.06.06 16:24:44 | 002,468,168 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe
PRC - [2010.12.08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010.08.10 14:57:24 | 000,049,321 | ---- | M] (The Pidgin developer community) -- C:\Program Files\Pidgin\pidgin.exe
PRC - [2010.07.30 11:40:54 | 000,090,112 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.05.28 13:45:00 | 000,132,096 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.05.11 14:15:00 | 000,128,000 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2009.04.23 09:18:21 | 000,380,988 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Endpoint Encryption for PC\SbClientManager.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.03 18:07:54 | 001,693,128 | ---- | M] (UltraVNC) -- C:\Program Files\Uvecko\winvnc.exe
PRC - [2009.03.30 10:11:14 | 000,120,320 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.10.28 23:08:44 | 000,326,192 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
PRC - [2008.10.28 23:07:56 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
PRC - [2008.10.28 23:07:20 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
PRC - [2008.10.02 20:25:13 | 000,570,880 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2008.09.24 13:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.09.10 02:31:11 | 000,352,256 | R--- | M] (AVerMedia) -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2008.07.15 03:42:22 | 000,409,600 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2008.06.20 12:14:44 | 000,181,544 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer3\TeamViewer_Host.exe
PRC - [2008.06.11 11:34:02 | 000,159,744 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2008.01.18 22:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.12.04 13:13:34 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007.12.04 13:13:34 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.10.03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.10.03 14:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2005.03.22 16:00:00 | 000,057,344 | ---- | M] (CANON INC.) -- C:\Windows\System32\CNAB4RPK.EXE
PRC - [2004.04.24 19:16:47 | 000,245,760 | ---- | M] (Fractalis Software) -- C:\Program Files\Display Stix 2.5\dstix.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.15 06:39:54 | 000,420,920 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
MOD - [2011.11.15 06:39:53 | 003,702,840 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011.11.15 06:38:16 | 000,122,952 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011.11.15 06:38:15 | 000,222,280 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011.11.15 06:38:14 | 001,746,504 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011.11.15 03:36:18 | 008,593,056 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2011.11.15 03:36:18 | 008,593,056 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\APPLIC~1\150874~1.121\gcswf32.dll
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.08.30 13:40:01 | 000,219,305 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libpng14-14.dll
MOD - [2010.08.30 13:40:01 | 000,095,189 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libpangocairo-1.0-0.dll
MOD - [2010.08.30 13:40:01 | 000,090,496 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
MOD - [2010.08.30 13:40:01 | 000,055,808 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\zlib1.dll
MOD - [2010.08.30 13:40:00 | 000,904,525 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libcairo-2.dll
MOD - [2010.08.30 13:40:00 | 000,482,872 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libgio-2.0-0.dll
MOD - [2010.08.30 13:40:00 | 000,279,059 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libfontconfig-1.dll
MOD - [2010.08.30 13:40:00 | 000,143,096 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libexpat-1.dll
MOD - [2010.08.30 13:39:59 | 000,535,264 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\freetype6.dll
MOD - [2010.08.10 14:57:28 | 000,064,053 | ---- | M] () -- C:\Program Files\Pidgin\plugins\spellchk.dll
MOD - [2010.08.10 14:57:28 | 000,036,934 | ---- | M] () -- C:\Program Files\Pidgin\plugins\xmppdisco.dll
MOD - [2010.08.10 14:57:28 | 000,031,626 | ---- | M] () -- C:\Program Files\Pidgin\plugins\xmppconsole.dll
MOD - [2010.08.10 14:57:28 | 000,024,235 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ticker.dll
MOD - [2010.08.10 14:57:28 | 000,023,542 | ---- | M] () -- C:\Program Files\Pidgin\plugins\win2ktrans.dll
MOD - [2010.08.10 14:57:28 | 000,023,498 | ---- | M] () -- C:\Program Files\Pidgin\plugins\winprefs.dll
MOD - [2010.08.10 14:57:28 | 000,020,495 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ssl-nss.dll
MOD - [2010.08.10 14:57:28 | 000,018,592 | ---- | M] () -- C:\Program Files\Pidgin\plugins\timestamp_format.dll
MOD - [2010.08.10 14:57:28 | 000,014,710 | ---- | M] () -- C:\Program Files\Pidgin\plugins\timestamp.dll
MOD - [2010.08.10 14:57:28 | 000,011,356 | ---- | M] () -- C:\Program Files\Pidgin\plugins\sendbutton.dll
MOD - [2010.08.10 14:57:28 | 000,010,753 | ---- | M] () -- C:\Program Files\Pidgin\plugins\statenotify.dll
MOD - [2010.08.10 14:57:28 | 000,010,716 | ---- | M] () -- C:\Program Files\Pidgin\plugins\relnot.dll
MOD - [2010.08.10 14:57:28 | 000,007,803 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ssl.dll
MOD - [2010.08.10 14:57:26 | 000,265,618 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmsn.dll
MOD - [2010.08.10 14:57:26 | 000,208,175 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libqq.dll
MOD - [2010.08.10 14:57:26 | 000,160,272 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libgg.dll
MOD - [2010.08.10 14:57:26 | 000,145,811 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsilc.dll
MOD - [2010.08.10 14:57:26 | 000,106,514 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmxit.dll
MOD - [2010.08.10 14:57:26 | 000,094,463 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsametime.dll
MOD - [2010.08.10 14:57:26 | 000,087,663 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmyspace.dll
MOD - [2010.08.10 14:57:26 | 000,087,595 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libnovell.dll
MOD - [2010.08.10 14:57:26 | 000,073,847 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libirc.dll
MOD - [2010.08.10 14:57:26 | 000,070,667 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libbonjour.dll
MOD - [2010.08.10 14:57:26 | 000,044,373 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsimple.dll
MOD - [2010.08.10 14:57:26 | 000,040,118 | ---- | M] () -- C:\Program Files\Pidgin\plugins\log_reader.dll
MOD - [2010.08.10 14:57:26 | 000,024,031 | ---- | M] () -- C:\Program Files\Pidgin\plugins\pidginrc.dll
MOD - [2010.08.10 14:57:26 | 000,022,976 | ---- | M] () -- C:\Program Files\Pidgin\plugins\notify.dll
MOD - [2010.08.10 14:57:26 | 000,018,119 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libyahoo.dll
MOD - [2010.08.10 14:57:26 | 000,016,931 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libxmpp.dll
MOD - [2010.08.10 14:57:26 | 000,015,592 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libyahoojp.dll
MOD - [2010.08.10 14:57:26 | 000,015,331 | ---- | M] () -- C:\Program Files\Pidgin\plugins\markerline.dll
MOD - [2010.08.10 14:57:26 | 000,012,822 | ---- | M] () -- C:\Program Files\Pidgin\plugins\offlinemsg.dll
MOD - [2010.08.10 14:57:26 | 000,011,935 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libicq.dll
MOD - [2010.08.10 14:57:26 | 000,010,667 | ---- | M] () -- C:\Program Files\Pidgin\plugins\psychic.dll
MOD - [2010.08.10 14:57:26 | 000,009,767 | ---- | M] () -- C:\Program Files\Pidgin\plugins\newline.dll
MOD - [2010.08.10 14:57:24 | 000,317,918 | ---- | M] () -- C:\Program Files\Pidgin\libjabber.dll
MOD - [2010.08.10 14:57:24 | 000,257,332 | ---- | M] () -- C:\Program Files\Pidgin\liboscar.dll
MOD - [2010.08.10 14:57:24 | 000,189,815 | ---- | M] () -- C:\Program Files\Pidgin\libymsg.dll
MOD - [2010.08.10 14:57:24 | 000,019,699 | ---- | M] () -- C:\Program Files\Pidgin\plugins\convcolors.dll
MOD - [2010.08.10 14:57:24 | 000,014,681 | ---- | M] () -- C:\Program Files\Pidgin\plugins\history.dll
MOD - [2010.08.10 14:57:24 | 000,013,945 | ---- | M] () -- C:\Program Files\Pidgin\plugins\autoaccept.dll
MOD - [2010.08.10 14:57:24 | 000,012,818 | ---- | M] () -- C:\Program Files\Pidgin\plugins\joinpart.dll
MOD - [2010.08.10 14:57:24 | 000,012,794 | ---- | M] () -- C:\Program Files\Pidgin\plugins\idle.dll
MOD - [2010.08.10 14:57:24 | 000,011,501 | ---- | M] () -- C:\Program Files\Pidgin\plugins\extplacement.dll
MOD - [2010.08.10 14:57:24 | 000,010,872 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libaim.dll
MOD - [2010.08.10 14:57:24 | 000,009,946 | ---- | M] () -- C:\Program Files\Pidgin\plugins\gtkbuddynote.dll
MOD - [2010.08.10 14:57:24 | 000,009,052 | ---- | M] () -- C:\Program Files\Pidgin\plugins\buddynote.dll
MOD - [2010.08.10 14:57:24 | 000,008,881 | ---- | M] () -- C:\Program Files\Pidgin\idletrack.dll
MOD - [2010.08.10 14:57:24 | 000,008,664 | ---- | M] () -- C:\Program Files\Pidgin\plugins\iconaway.dll
MOD - [2010.08.10 14:57:22 | 000,582,656 | ---- | M] () -- C:\Program Files\Pidgin\exchndl.dll
MOD - [2010.08.10 14:57:22 | 000,475,580 | ---- | M] () -- C:\Program Files\Pidgin\spellcheck\libgtkspell-0.dll
MOD - [2010.08.10 14:55:20 | 000,417,501 | ---- | M] () -- C:\Program Files\Pidgin\sqlite3.dll
MOD - [2010.08.10 14:55:14 | 002,719,062 | ---- | M] () -- C:\Program Files\Pidgin\libsilc-1-1-2.dll
MOD - [2010.08.10 14:55:14 | 001,206,642 | ---- | M] () -- C:\Program Files\Pidgin\libsilcclient-1-1-2.dll
MOD - [2010.08.10 14:55:14 | 000,173,805 | ---- | M] () -- C:\Program Files\Pidgin\libmeanwhile-1.dll
MOD - [2010.08.10 14:55:00 | 001,213,633 | ---- | M] () -- C:\Program Files\Pidgin\libxml2-2.dll
MOD - [2008.08.12 11:16:16 | 002,023,424 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2008.07.29 14:47:56 | 000,016,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2008.07.29 14:47:38 | 000,135,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2008.07.29 14:11:18 | 000,253,952 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2008.07.29 14:01:12 | 007,331,840 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2008.07.29 13:50:26 | 000,364,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2008.06.11 11:34:02 | 000,159,744 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
MOD - [2007.12.04 13:07:28 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.12.04 12:55:36 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
MOD - [2007.10.02 14:41:38 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2007.09.20 17:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
MOD - [2007.09.02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Unknown | Stopped] -- -- (WPFFontCache_v0400)
SRV - File not found [Auto | Stopped] -- -- (SBSDWSCService)
SRV - [2011.08.31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.06 16:24:44 | 002,468,168 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2010.12.16 18:12:55 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010.12.16 18:11:50 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010.12.08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010.07.30 11:40:54 | 000,090,112 | ---- | M] (Clarus, Inc.) [Auto | Running] -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe -- (SZASSIST)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.04.23 09:18:21 | 000,380,988 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Endpoint Encryption for PC\SbClientManager.exe -- (SafeBootClientManager)
SRV - [2009.04.03 18:07:54 | 001,693,128 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\Uvecko\WinVNC.exe -- (uvnc_service)
SRV - [2008.10.28 23:08:44 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2008.10.28 23:07:56 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2008.10.28 23:07:20 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2008.10.02 20:25:13 | 000,570,880 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2008.10.02 18:25:42 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2008.09.24 13:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.09.10 02:31:11 | 000,352,256 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2008.07.15 03:42:22 | 000,409,600 | R--- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2008.06.20 12:14:44 | 000,181,544 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer3\TeamViewer_Host.exe -- (TeamViewer)
SRV - [2008.05.01 15:39:06 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.01.18 22:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.03.05 08:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2006.11.02 10:45:35 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\regedt32.exe -- (.EsetTrialReset)
SRV - [2006.10.01 13:37:42 | 000,016,384 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)


========== Driver Services (SafeList) ==========

DRV - [2011.08.31 16:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.01.31 21:15:12 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010.12.16 18:11:40 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010.06.14 14:14:48 | 000,064,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys -- (mvd21)
DRV - [2010.03.18 16:24:34 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys -- (mdf15)
DRV - [2009.04.29 18:23:47 | 000,014,592 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SbRegFlt.sys -- (SbRegFlt)
DRV - [2009.04.29 18:23:42 | 000,006,496 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009.04.29 18:23:39 | 000,033,328 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\RsvLock.sys -- (RsvLock)
DRV - [2009.04.29 18:23:36 | 000,034,480 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SbFlop.sys -- (SbFlop)
DRV - [2009.04.29 18:23:29 | 000,103,760 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009.02.09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.10.28 23:08:58 | 000,054,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2008.10.28 23:08:58 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2008.10.28 23:08:56 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2008.10.28 23:08:54 | 000,857,392 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2008.10.28 23:08:52 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2008.10.28 17:03:28 | 000,031,280 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2008.10.28 17:03:28 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2008.10.18 10:31:35 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.10.02 20:25:13 | 000,141,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2008.10.02 18:24:48 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.13 12:51:42 | 000,044,976 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SbAlg.sys -- (SBAlg)
DRV - [2008.07.21 07:47:30 | 000,273,152 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerFx2hbtv.sys -- (AVerFx2hbtv)
DRV - [2008.06.13 18:18:36 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.04.24 23:36:35 | 000,002,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nxsIO32.sys -- (nxsIO32)
DRV - [2008.03.13 02:36:42 | 002,555,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Ovladač adaptéru Intel(R)
DRV - [2008.03.04 01:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008.02.28 14:31:52 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2007.08.28 14:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.08.08 19:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.08.01 14:42:32 | 000,164,864 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007.07.30 10:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 09:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.10 05:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.06.18 15:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.04.18 11:03:26 | 000,141,312 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007.04.13 17:44:32 | 000,016,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gHidPnp.sys -- (gHidPnp)
DRV - [2007.03.13 18:21:46 | 000,009,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gMouUsb.sys -- (gMouUsb)
DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006.10.01 13:37:02 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0801.sys -- (tap0801)
DRV - [2006.06.28 08:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005.03.04 18:15:54 | 000,077,072 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k600obex.sys -- (k600obex)
DRV - [2005.03.04 18:11:26 | 000,087,456 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k600mdm.sys -- (k600mdm)
DRV - [2005.03.04 18:11:20 | 000,006,096 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k600mdfl.sys -- (k600mdfl)
DRV - [2005.03.04 18:08:50 | 000,052,384 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k600bus.sys -- (k600bus) Sony Ericsson 600i driver (WDM)
DRV - [2004.03.24 03:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\nsndis5.sys -- (NSNDIS5)
DRV - [2003.03.30 20:38:18 | 000,102,624 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\axsaki.sys -- (axsaki)
DRV - [2003.03.28 10:58:42 | 000,008,640 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\axskbus.sys -- (axskbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1408431834-899597845-2981051543-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
IE - HKU\S-1-5-21-1408431834-899597845-2981051543-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1408431834-899597845-2981051543-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1408431834-899597845-2981051543-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1408431834-899597845-2981051543-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.2.9&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: myfxva@Merci.chao:1.2.1
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {2A1D5949-B519-4924-BF62-8522FE0D5274}:0.13
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.3.3&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Pc\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pc\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pc\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.05.26 17:28:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\PROGRA~1\Crawler\firefox\ [2009.03.19 20:49:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.01.14 23:00:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.05.10 18:02:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.05.10 18:02:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.10 19:25:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.02 19:41:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2008.08.25 11:59:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\mozilla\Extensions
[2011.11.28 20:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions
[2010.12.14 19:37:59 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2008.04.24 14:01:46 | 000,000,000 | ---D | M] (AeroFox Basic) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{0F4F7F5C-C791-4951-8D9C-A0847AD03A7B}
[2008.04.24 14:02:06 | 000,000,000 | ---D | M] (Metal Lion - Vista) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
[2010.12.14 19:38:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.11.28 20:46:39 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.14 19:37:53 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2011.11.19 11:19:29 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009.05.05 14:45:45 | 000,000,000 | ---D | M] (myFireFox & Vista-aero Modifier) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\myfxva@Merci.chao
[2010.12.14 19:38:06 | 000,000,000 | ---D | M] (Noia 2.0 eXtreme OPT) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\noia2_option@kk.noia
[2010.12.14 19:37:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2011.12.02 16:55:22 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-1.xml
[2010.04.03 17:38:35 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-10.xml
[2010.06.28 18:37:03 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-11.xml
[2010.06.29 16:47:47 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-12.xml
[2010.07.22 17:36:54 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-13.xml
[2010.07.27 18:37:32 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-14.xml
[2010.08.09 17:41:23 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-15.xml
[2010.09.20 17:35:30 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-16.xml
[2010.10.27 21:23:11 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-17.xml
[2010.10.30 19:19:18 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-18.xml
[2010.12.13 19:27:28 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-19.xml
[2009.08.11 18:08:37 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-2.xml
[2011.03.03 16:20:38 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-20.xml
[2011.03.07 19:19:53 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-21.xml
[2011.03.27 19:42:22 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-22.xml
[2011.05.02 19:38:52 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-23.xml
[2011.05.02 19:42:28 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-24.xml
[2011.06.29 12:11:33 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-25.xml
[2011.08.09 07:15:31 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-26.xml
[2011.08.21 19:22:41 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-27.xml
[2011.08.24 15:45:44 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-28.xml
[2011.09.08 19:12:15 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-29.xml
[2009.09.15 18:44:06 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-3.xml
[2011.09.14 21:57:41 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-30.xml
[2011.10.04 16:21:10 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-31.xml
[2011.10.17 21:16:50 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-32.xml
[2009.10.30 12:35:35 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-4.xml
[2009.12.20 21:13:13 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-5.xml
[2010.01.08 17:45:55 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-6.xml
[2010.02.23 18:14:20 | 000,000,961 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-7.xml
[2010.03.15 18:45:03 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-8.xml
[2010.03.25 08:28:43 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-9.xml
[2009.07.23 18:58:00 | 000,000,944 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin.xml
[2011.11.10 19:25:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.14 20:51:21 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
() (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LQFVB7EK.DEFAULT\EXTENSIONS\{2A1D5949-B519-4924-BF62-8522FE0D5274}.XPI
() (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LQFVB7EK.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.XPI
() (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LQFVB7EK.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
() (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LQFVB7EK.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2011.11.10 19:25:39 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008.05.19 13:57:00 | 002,641,920 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npRACtrl.dll
[2008.02.28 13:30:00 | 000,008,784 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
[2008.02.28 13:33:00 | 000,245,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\unicows.dll
[2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.bak
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2011.10.10 21:45:52 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.10.10 21:45:52 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.10 21:45:52 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.10 21:45:52 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.10 21:45:52 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\15.0.874.121\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U15 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.150.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.4.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.4.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.4.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.4.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.4.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.4.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.4.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: LogMeIn, Inc. Remote Access Components 1.0.0.381 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npRACtrl.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Pc\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Pc\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX HiQ = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PcTranslator2005\WEBIE.DLL ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PcTranslator2005\WEBIE.DLL ()
O3 - HKU\S-1-5-21-1408431834-899597845-2981051543-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-1408431834-899597845-2981051543-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mouseElf] C:\Program Files\Scroll Mouse\MouseElf.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1408431834-899597845-2981051543-1000..\Run: [Display Stix - System tray] C:\Program Files\Display Stix 2.5\dstix.exe (Fractalis Software)
O4 - HKU\S-1-5-21-1408431834-899597845-2981051543-1000..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1408431834-899597845-2981051543-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-1408431834-899597845-2981051543-1000..\Run: [WEBTRAN] File not found
O4 - Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Core Temp – zástupce.lnk = C:\Program Files\Coretemp\Core Temp.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-1408431834-899597845-2981051543-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PcTranslator2005\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PcTranslator2005\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PcTranslator2005\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PcTranslator2005\WEBIE.DLL ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.100.43.2 212.80.66.7 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C863160-1348-4776-B2D2-B9312307EE05}: DhcpNameServer = 82.100.43.2 212.80.66.7 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCC7A950-CE38-4518-AA3B-94FC1A517BD3}: NameServer = 8.8.8.8
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Pc\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Pc\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.04.14 13:00:00 | 000,000,112 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.divxa32 - divxa32.acm File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - ff_vfw.dll File not found
Drivers32: VIDC.VMnc - C:\Windows\System32\vmnc.dll (VMware, Inc.)
Drivers32: vidc.XVID - xvidvfw.dll File not found
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.12.02 22:55:46 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Pc\Desktop\OTL.exe
[2011.12.02 11:30:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.12.02 11:30:34 | 000,000,000 | ---D | C] -- C:\rsit
[2011.12.01 17:29:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2003.03.30 20:38:18 | 000,102,624 | ---- | C] ( ) -- C:\Windows\System32\drivers\axsaki.sys
[2003.03.28 10:58:42 | 000,008,640 | ---- | C] ( ) -- C:\Windows\System32\drivers\axskbus.sys

========== Files - Modified Within 7 Days ==========

[2011.12.02 23:06:21 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.02 22:59:00 | 000,601,522 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.12.02 22:59:00 | 000,589,862 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.02 22:59:00 | 000,116,224 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.12.02 22:59:00 | 000,102,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.02 22:55:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Pc\Desktop\OTL.exe
[2011.12.02 22:54:21 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.12.02 22:54:03 | 000,004,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.02 22:54:03 | 000,004,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.02 22:53:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.02 22:53:47 | 000,205,787 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2011.12.02 20:38:53 | 000,004,732 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.12.02 20:38:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000UA.job
[2011.12.02 20:38:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000Core.job
[2011.12.02 13:34:39 | 000,071,680 | ---- | M] () -- C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.01 17:29:50 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011.12.01 17:29:49 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

========== Files Created - No Company Name ==========

[2011.12.02 23:06:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2010.11.21 22:47:49 | 000,001,480 | ---- | C] () -- C:\Users\Pc\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2010.05.11 20:25:04 | 000,049,152 | R--- | C] () -- C:\Windows\System32\AVerIO.dll
[2010.05.11 20:25:04 | 000,003,456 | R--- | C] () -- C:\Windows\System32\AVerIO.sys
[2010.05.11 20:24:51 | 000,253,952 | R--- | C] () -- C:\Windows\System32\sptlib02.dll
[2010.05.11 20:24:51 | 000,249,856 | R--- | C] () -- C:\Windows\System32\sptlib01.dll
[2010.05.11 20:24:51 | 000,245,760 | R--- | C] () -- C:\Windows\System32\sptlib03.dll
[2009.09.14 19:41:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.14 19:41:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.12 20:36:12 | 000,000,135 | ---- | C] () -- C:\Users\Pc\AppData\Roaming\default.rss
[2009.05.20 17:54:21 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.04.29 18:23:29 | 000,103,760 | ---- | C] () -- C:\Windows\System32\drivers\SafeBoot.sys
[2009.04.08 22:04:40 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.02.22 11:39:54 | 000,055,856 | ---- | C] () -- C:\Windows\System32\vnetinst.dll
[2009.01.16 18:51:09 | 000,159,604 | ---- | C] () -- C:\Windows\Marsu-Fix 2.5 Uninstaller.exe
[2008.10.26 21:19:30 | 000,029,903 | ---- | C] () -- C:\Users\Pc\AppData\Roaming\mdbu.bin
[2008.10.02 20:25:13 | 000,141,312 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2008.09.19 11:50:51 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2008.08.04 09:39:32 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.06.14 05:53:23 | 000,040,960 | ---- | C] () -- C:\Windows\System32\MMAVILNG.exe
[2008.06.13 11:20:17 | 000,000,716 | ---- | C] () -- C:\Windows\tcburner.ini
[2008.05.26 12:16:29 | 000,000,502 | ---- | C] () -- C:\Windows\wcx_ftp.ini
[2008.05.25 10:12:33 | 000,001,796 | ---- | C] () -- C:\Windows\mozver.dat
[2008.05.10 18:51:26 | 000,016,384 | ---- | C] () -- C:\Windows\System32\drivers\gHidPnp.sys
[2008.05.10 18:51:26 | 000,009,856 | ---- | C] () -- C:\Windows\System32\drivers\gMouUsb.sys
[2008.05.10 18:37:47 | 000,049,152 | ---- | C] () -- C:\Windows\System32\TaskKeyHook.dll
[2008.05.10 18:37:47 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Whoru.dll
[2008.05.10 18:37:46 | 000,061,440 | ---- | C] () -- C:\Windows\System32\KBHook.dll
[2008.05.10 18:37:46 | 000,006,656 | ---- | C] () -- C:\Windows\System32\drivers\gflmouhid.sys
[2008.04.27 20:01:30 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.04.26 00:19:41 | 000,475,100 | ---- | C] () -- C:\Users\Pc\AppData\Roaming\NMM-MetaData.db
[2008.04.25 20:37:40 | 000,000,662 | ---- | C] () -- C:\Windows\eReg.dat
[2008.04.25 13:14:40 | 000,000,055 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2008.04.25 13:12:17 | 000,000,258 | ---- | C] () -- C:\Windows\MAILTRAN.INI
[2008.04.25 13:12:13 | 000,001,546 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2008.04.25 13:11:52 | 000,004,193 | ---- | C] () -- C:\Windows\WTRAN32.INI
[2008.04.25 13:11:52 | 000,003,915 | ---- | C] () -- C:\Windows\WDICT32.INI
[2008.04.25 09:43:11 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.04.24 23:36:35 | 000,002,208 | ---- | C] () -- C:\Windows\System32\drivers\nxsIO32.sys
[2008.04.24 20:48:09 | 000,004,691 | ---- | C] () -- C:\Windows\WINCMD.INI
[2008.04.24 13:51:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.04.24 12:53:00 | 000,071,680 | ---- | C] () -- C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.24 10:20:44 | 000,000,680 | ---- | C] () -- C:\Users\Pc\AppData\Local\d3d9caps.dat
[2008.04.24 10:14:53 | 000,004,732 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.04.18 17:28:12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1472.dll
[2008.04.18 17:15:12 | 001,470,664 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2008.02.11 18:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008.02.11 10:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008.02.11 10:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008.02.11 10:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2007.12.04 12:55:36 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.09.13 14:31:06 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2007.09.13 14:22:46 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007.09.13 14:22:46 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007.08.21 19:46:34 | 000,059,160 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2007.01.08 22:09:29 | 000,601,522 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2007.01.08 22:09:29 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2007.01.08 22:09:29 | 000,116,224 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2007.01.08 22:09:29 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 001,593,880 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,589,862 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,102,460 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.10.14 10:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005.10.14 10:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 10:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 10:56:50 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2005.10.14 10:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2004.10.07 13:50:50 | 000,072,704 | ---- | C] () -- C:\Windows\System32\zlibmax.dll
[2001.11.14 11:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.06.01 18:57:22 | 000,002,560 | ---- | C] () -- C:\Windows\System32\swfmaxps.dll

========== LOP Check ==========

[2011.12.02 23:09:00 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\.purple
[2009.08.22 11:53:28 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Any Video Converter
[2008.09.19 13:13:05 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\DassaultSystemes
[2008.09.19 11:52:11 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\DWGeditor
[2008.06.04 11:22:48 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ESET
[2010.06.17 20:05:38 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Facebook
[2011.12.02 22:59:23 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\gtk-2.0
[2010.12.24 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ICQ
[2010.08.30 13:27:20 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\KDE
[2008.10.21 08:37:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Leadertech
[2008.04.30 22:03:15 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\MetaProducts
[2011.07.29 15:24:05 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Nokia
[2010.08.18 20:02:36 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\PC Suite
[2008.04.27 20:39:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\PCToolsFirewallPlus
[2009.12.01 22:32:59 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Spyware Terminator
[2009.08.12 18:57:47 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SuperMP3Download
[2011.12.02 22:56:11 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SWF.max
[2009.01.10 19:27:48 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\TeamViewer
[2011.02.10 22:59:28 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\TrueCrypt
[2011.11.10 22:25:17 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\uTorrent
[2008.04.30 22:24:33 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\WeatherWatcher
[2011.11.30 20:43:22 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\XnView
[2011.12.02 20:38:58 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.12.20 19:37:12 | 000,000,412 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E875D9AB-1FAE-4C9C-B680-6FECD6E3AF47}.job

========== Purity Check ==========

Re: Hello, please check my log ..

Posted: 02 Dec 2011 23:52
by Jan55
========== Custom Scans ==========


< >

< >


< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.18 22:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.18 22:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.04.24 14:23:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.04.24 14:23:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.04.24 14:23:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.18 22:33:02 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.18 20:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.18 20:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.08.11 20:19:52 | 000,311,808 | ---- | M] () MD5=20023F09AF085A92B11A58434EAC4E19 -- C:\temp\Lightroom 2.1 [KC]\Adobe Photoshop Lightroom 2.1\10000002cd00002i\explorer.exe
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.04.24 14:30:38 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.04.24 14:30:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\temp\Lightroom 2.1 [KC]\Adobe Photoshop Lightroom 2.1\%SystemRoot%\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.18 22:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.01.18 22:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.18 22:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.18 22:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.04.24 14:21:11 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.04.24 14:21:12 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.18 22:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.18 22:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.18 22:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.18 22:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< >

< %systemroot%*.* /U /s >
[15 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[6 C:\Windows\System32\DriverStore\FileRepository\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\Temp\*.tmp files -> C:\Windows\System32\DriverStore\Temp\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3\*.tmp files -> C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.12.02 23:23:55 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\.purple
[2010.11.21 22:47:36 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Adobe
[2008.04.25 00:21:13 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\AdobeUM
[2009.08.22 11:53:28 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Any Video Converter
[2008.09.19 13:13:05 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\DassaultSystemes
[2011.05.10 19:30:27 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\DivX
[2011.11.21 22:28:02 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\dvdcss
[2008.09.19 11:52:11 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\DWGeditor
[2008.06.04 11:22:48 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ESET
[2010.06.17 20:05:38 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Facebook
[2008.07.13 18:18:49 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Google
[2011.12.02 22:59:23 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\gtk-2.0
[2008.11.02 11:36:57 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Hamachi
[2010.12.24 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ICQ
[2008.04.24 10:20:51 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Identities
[2008.04.24 10:25:36 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\InstallShield
[2010.08.30 13:27:20 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\KDE
[2008.10.21 08:37:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Leadertech
[2008.04.24 13:49:18 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Macromedia
[2009.01.10 13:40:11 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Media Center Programs
[2008.04.24 20:26:36 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Media Player Classic
[2008.04.30 22:03:15 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\MetaProducts
[2011.10.26 18:28:27 | 000,000,000 | --SD | M] -- C:\Users\Pc\AppData\Roaming\Microsoft
[2009.02.26 23:37:18 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Microsoft Games
[2008.08.25 11:59:06 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Mozilla
[2009.04.08 23:05:58 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Nero
[2011.07.29 15:24:05 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Nokia
[2010.08.18 20:02:36 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\PC Suite
[2008.04.27 20:39:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\PCToolsFirewallPlus
[2009.03.30 18:44:36 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Real
[2011.12.01 19:44:36 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Skype
[2009.11.16 16:27:39 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SolidWorks
[2009.04.16 11:05:15 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SolidWorks 2008
[2009.12.01 22:32:59 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Spyware Terminator
[2009.08.12 18:57:47 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SuperMP3Download
[2011.12.02 22:56:11 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SWF.max
[2008.04.24 13:52:21 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Talkback
[2009.01.10 19:27:48 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\TeamViewer
[2011.02.10 22:59:28 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\TrueCrypt
[2009.04.24 18:04:37 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\UltraVNC
[2011.11.10 22:25:17 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\uTorrent
[2011.12.02 13:24:19 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\vlc
[2011.02.02 19:11:50 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\VMware
[2008.04.30 22:24:33 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\WeatherWatcher
[2008.08.26 10:06:47 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\WinRAR
[2011.11.30 20:43:22 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\XnView

< %APPDATA%\*.exe /s >
[2010.06.17 20:05:38 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Pc\AppData\Roaming\Facebook\uninstall.exe
[2009.06.02 18:19:03 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Pc\AppData\Roaming\Real\RealPlayer\Update\RealPlayer11.exe
[2010.01.11 20:36:49 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Pc\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.09.16 17:37:56 | 000,452,104 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Pc\AppData\Roaming\Real\Update\setup3.12\setup.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.18 22:34:10 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2008.01.18 22:34:10 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2004.08.04 02:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msscript.dll

< %systemroot%\Tasks\*.job >
[2011.12.02 20:38:00 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000Core.job
[2011.12.02 20:38:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000UA.job
[2011.11.19 11:47:25 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\Norton Security Scan for Pc.job
[2010.12.20 19:37:12 | 000,000,412 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E875D9AB-1FAE-4C9C-B680-6FECD6E3AF47}.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.04.29 18:23:29 | 000,103,760 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\SafeBoot.sys

< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.18 22:34:10 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2008.01.18 22:34:10 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2004.08.04 02:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msscript.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.12.02 22:54:03 | 000,004,528 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.02 22:54:03 | 000,004,528 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.02 22:54:21 | 000,065,536 | ---- | M] () -- C:\Windows\system32\Ikeext.etl
[2011.12.02 22:53:47 | 000,205,787 | ---- | M] () -- C:\Windows\system32\oodbs.lor
[2011.12.02 22:59:00 | 000,116,224 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.12.02 22:59:00 | 000,102,460 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.12.02 22:59:00 | 000,601,522 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.12.02 22:59:00 | 000,589,862 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.12.02 22:59:00 | 001,402,048 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"Display Stix - System tray" = C:\Program Files\Display Stix 2.5\dstix.exe -- [2004.04.24 19:16:47 | 000,245,760 | ---- | M] (Fractalis Software)
"RocketDock" = "C:\Program Files\RocketDock\RocketDock.exe" -- [2007.09.02 12:58:52 | 000,495,616 | ---- | M] ()
"WEBTRAN" =
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.18 22:33:10 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.05.17 20:55:01 | 000,136,176 | ---- | M] (Google Inc.)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
"swg" = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -- [2008.04.25 00:12:45 | 000,171,448 | ---- | M] (Google Inc.)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.02 23:06:21 | 000,000,512 | ---- | M] () MD5=9DD0D6C0154BE8765E45F3970D88625F -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.04.30 22:30:53 | 001,028,186 | ---- | M] () -- \Program Files\Net Activity Diagram\Instal\netactivitydiagramv2.0rc1crackrock.zip
[2007.06.25 22:09:46 | 000,040,960 | ---- | M] () -- \Sdileni\programy\wifi_crack\aircrack-ng-win-0.9.1\bin\Aircrack-ng GUI.exe
[2007.06.25 22:06:40 | 000,231,447 | ---- | M] () -- \Sdileni\programy\wifi_crack\aircrack-ng-win-0.9.1\bin\aircrack-ng.exe
[2007.06.25 19:27:32 | 000,079,365 | ---- | M] () -- \Sdileni\programy\wifi_crack\aircrack-ng-win-0.9.1\src\aircrack-ng.c
[2007.05.04 19:21:14 | 000,005,963 | ---- | M] () -- \Sdileni\programy\wifi_crack\aircrack-ng-win-0.9.1\src\aircrack-ng.h
[2007.06.16 00:23:30 | 000,012,755 | ---- | M] () -- \Sdileni\programy\wifi_crack\aircrack-ng-win-0.9.1\src\aircrack-ptw-lib.c
[2007.04.29 22:54:06 | 000,001,819 | ---- | M] () -- \Sdileni\programy\wifi_crack\aircrack-ng-win-0.9.1\src\aircrack-ptw-lib.h
[2007.06.25 22:14:28 | 000,000,922 | ---- | M] () -- \Sdileni\programy\wifi_crack\aircrack-ng-win-0.9.1\src\GUI\Aircrack-ng.sln
[2007.06.25 22:14:28 | 000,018,432 | ---- | M] () -- \Sdileni\programy\wifi_crack\aircrack-ng-win-0.9.1\src\GUI\Aircrack-ng.suo
[2007.06.25 22:14:28 | 000,003,341 | ---- | M] () -- \Sdileni\programy\wifi_crack\aircrack-ng-win-0.9.1\src\GUI\Aircrack-ng\Aircrack-ng.csproj
[2007.06.25 22:14:28 | 000,000,538 | ---- | M] () -- \Sdileni\programy\wifi_crack\aircrack-ng-win-0.9.1\src\GUI\Aircrack-ng\Aircrack-ng.csproj.user

< *keygen* /s >

< *loader* /s >
[2007.03.14 18:21:36 | 004,937,904 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007.03.14 16:07:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007.03.14 16:10:18 | 000,088,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:20 | 000,025,188 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:26 | 000,032,022 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:28 | 000,032,216 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:30 | 000,027,655 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:36 | 000,030,891 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:38 | 000,032,399 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:42 | 000,032,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:42 | 000,032,393 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:46 | 000,022,871 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:48 | 000,025,272 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:50 | 000,032,109 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:50 | 000,032,441 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:52 | 000,032,499 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:54 | 000,032,074 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:56 | 000,032,110 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:58 | 000,024,996 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:00 | 000,031,772 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:02 | 000,024,463 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:04 | 000,025,054 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:06 | 000,032,171 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:06 | 000,024,411 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:08 | 000,025,525 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:10 | 000,032,741 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:10 | 000,032,833 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 15:35:32 | 000,004,239 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2007.11.07 10:21:26 | 000,072,192 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2007.11.06 20:10:00 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2007.11.07 11:40:30 | 000,205,312 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\9.0\VSTOLoader.dll
[2007.11.07 11:40:30 | 000,018,952 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\9.0\1033\VSTOLoaderUI.dll
[2003.04.11 14:45:42 | 000,348,160 | ---- | M] () -- \Program Files\GameSpy Arcade\Services\_common\PortraitLoader.dll
[2009.07.03 10:09:08 | 000,001,315 | ---- | M] () -- \Program Files\HappyFoto\HF Designer\Loader.elf
[2009.04.15 16:44:52 | 000,308,224 | ---- | M] () -- \Program Files\HappyFoto\HF Designer\Loader.exe
[2009.03.01 11:31:26 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2009.03.01 11:31:26 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2009.07.14 20:41:32 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2009.07.14 20:41:46 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2009.01.21 15:30:04 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2008.05.05 15:51:28 | 000,028,672 | ---- | M] () -- \Program Files\PC Drivers HeadQuarters\Driver Detective\Microsoft.ApplicationBlocks.Updater.Downloaders.dll
[2010.08.30 13:39:59 | 000,025,294 | ---- | M] () -- \Program Files\Pidgin\Gtk\bin\gdk-pixbuf-query-loaders.exe
[2010.08.30 13:40:01 | 000,000,543 | ---- | M] () -- \Program Files\Pidgin\Gtk\etc\gtk-2.0\gdk-pixbuf.loaders
[2005.10.27 19:49:44 | 000,161,984 | ---- | M] () -- \Program Files\Total Commander 1.8 pack\PLUGINS\System Media\HEXelon\fldrpx\preloader.bmp
[2006.12.23 16:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2008.09.19 12:55:44 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.02.01 22:42:51 | 000,032,256 | ---- | M] () -- \ProgramData\TrueCrypt\Original System Loader
[2009.10.03 17:45:56 | 000,001,228 | ---- | M] () -- \temp\boot\grub\pxeloader.S
[2008.09.19 12:55:44 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.02.01 22:42:51 | 000,032,256 | ---- | M] () -- \Users\All Users\TrueCrypt\Original System Loader
[2008.01.18 22:34:06 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.12.02 23:00:01 | 000,003,306 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader
[2008.05.11 10:51:02 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.05.11 10:51:02 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.05.11 10:51:02 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2009.09.15 17:18:14 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2009.09.15 17:18:16 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2009.09.15 17:18:18 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008.05.11 10:49:04 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.05.11 10:49:04 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.04.24 13:57:33 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.04.24 13:57:13 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.04.24 13:57:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.04.24 13:57:14 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.04.24 13:58:12 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.04.24 13:58:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.04.24 13:58:35 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.04.24 13:57:32 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.04.24 13:57:12 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.04.24 13:57:44 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.04.24 13:57:13 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.04.24 13:58:11 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.04.24 13:58:16 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.04.24 13:58:35 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 03:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.04.24 13:57:03 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.04.24 13:57:02 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.18 23:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.04.24 13:56:43 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.04.24 13:56:42 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.10 23:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.18 23:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 13:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.18 22:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.18 22:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:1CA73D29
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C31F31E6

< End of report >

Re: Hello, please check my log ..

Posted: 02 Dec 2011 23:52
by Jan55
OTL Extras logfile created on: 2.12.2011 23:00:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Pc\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 44,17% Memory free
1,93 Gb Paging File | 0,79 Gb Available in Paging File | 40,97% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 30,91 Gb Free Space | 20,74% Space Free | Partition Type: NTFS
Drive E: | 592,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC-PC | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1408431834-899597845-2981051543-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0161E224-D010-45F5-B0C4-143C77AB81AE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{01A1D270-BD4A-4E92-9F89-5A3DDB4A4F13}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0DCE9769-1E8E-4762-B6A7-E760B15C2CE0}" = lport=1701 | protocol=17 | dir=in | app=system |
"{10A66CFB-3139-4478-B648-033D619A3F96}" = lport=80 | protocol=6 | dir=in | name=@wsmres.dll,-50 |
"{1CAB3B05-A4B2-42BD-A614-99F23B594F77}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe |
"{1F3A9F4E-9901-44BE-AA59-94C386644795}" = lport=445 | protocol=6 | dir=in | app=system |
"{1F5B0F62-8FC6-40AB-B85A-E5F08A4112B2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{223D4D37-6B3E-4684-8204-D49AF8C46E2A}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe |
"{2B042CED-7722-4E2A-B45B-4E16CAF824E5}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=c:\windows\system32\svchost.exe |
"{2DEF6A7C-C91D-4B48-AEEE-94D6AC526586}" = rport=138 | protocol=17 | dir=out | app=system |
"{30CF81A9-619C-4C8F-971A-EE01F00F0E13}" = lport=10243 | protocol=6 | dir=in | app=system |
"{349A6ED3-8DEF-4667-857A-DB95C2753265}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{3685C06A-D546-42DD-A229-FC95D2E7FF5B}" = lport=3389 | protocol=6 | dir=in | name=remote |
"{372A825C-3395-4964-A164-F801C9CB6C0B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{39262A5A-DEAC-48C0-8C18-958AC9D83515}" = lport=5985 | protocol=6 | dir=in | app=system |
"{3C23A26C-7A4D-4D9E-AF77-F7623DA9445A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{428FB1C5-86CF-4B49-9CCB-4D9415FD7363}" = lport=445 | protocol=6 | dir=in | app=system |
"{48EA6B19-9B58-4F27-9279-D9F6F1347CC9}" = rport=1723 | protocol=6 | dir=out | app=system |
"{49B9A391-443A-43F2-856E-49CFA0257AA8}" = lport=445 | protocol=6 | dir=in | app=system |
"{4FB2101C-4CD3-48CD-81D6-091A3176934D}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |
"{50DC3B67-4841-4A69-AA07-3C06C177247D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{52E94B4C-FD14-46B4-80E7-4FEB9BD7BBBF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{53968ACF-13FD-40DB-A5B9-36AD5CC58BD7}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5FC99B3F-B85B-449D-8E83-A07A9B8917EB}" = rport=445 | protocol=6 | dir=out | app=system |
"{67026B93-BB79-444F-96B4-5FB365F2FFB5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7F3E7EB8-4D2E-462A-B421-5310242C80A0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{85C50B90-B3FA-48E7-8104-EA664E8D0AF9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{8BA9BFA7-8442-4331-961D-6CE06A5F6396}" = lport=139 | protocol=6 | dir=in | app=system |
"{904FF028-6B7F-467E-8AB5-310A70B3CD09}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=c:\windows\system32\svchost.exe |
"{97FD52D7-E35F-42E0-BBDE-7B6D07E981DA}" = rport=1701 | protocol=17 | dir=out | app=system |
"{9C7C996C-3232-4965-AFC0-003ACA8B258D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A2180C19-2B20-41FC-9A9E-37F6291EE193}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AA399FFA-C15B-4402-8A28-D02B7EB45354}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B285A406-29CB-4C84-8828-04DF5418C45E}" = rport=137 | protocol=17 | dir=out | app=system |
"{B7999589-CB06-437E-B8AA-59F484D73430}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{BED989E1-8EF8-4F5E-A3DF-93BCAB03036D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFAD790E-B835-41BB-A7E9-7AAF150B2464}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=c:\windows\system32\vds.exe |
"{C1FDB709-50B6-4F66-92EA-853881C026DA}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C74C988B-FEB3-4DCB-BC84-24D97EC89D07}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C7EC663D-6B68-446E-A57C-803A495B0FC6}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\vdsldr.exe |
"{CA0B56F5-A8ED-4D6B-9D89-785E188AE05C}" = rport=139 | protocol=6 | dir=out | app=system |
"{CA63EC07-D19F-4A97-B289-27505848DC0C}" = lport=445 | protocol=6 | dir=in | app=system |
"{DC323B6F-D824-4349-9EED-1D8F9AF43666}" = lport=137 | protocol=17 | dir=in | app=system |
"{DEF38B5A-1DC5-4F57-8540-F47C88257F0D}" = lport=1723 | protocol=6 | dir=in | app=system |
"{E902255B-E7B2-4316-AFED-E6223B25946A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{F19549DF-BF7C-45B6-B69A-EC977C06E5A5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{F37C19C5-6970-43C2-9C4A-67672F72AC5D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F63661B2-C902-4A07-95A2-F9A10DAF9AA5}" = lport=138 | protocol=17 | dir=in | app=system |
"{F8007228-EFED-4869-B85B-EA3BE3A3AD0F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F92D7715-04D2-49E4-9233-A4822610D212}" = rport=2869 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D9F9FD-EF16-4B00-A5F1-721DAA0B4462}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{02A1105F-5DE5-4CF9-A425-A1ACAE46688D}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{0473003B-7EB2-4E99-9729-104B58AF5AFC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{066518BB-11D0-4C67-9A31-1F9CB0BE130B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{09EE6D45-0F48-4AC8-BC52-0CF585ECEC84}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe |
"{0DE83CAF-ADBA-4161-B23E-0982C92AC54F}" = protocol=6 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{1745CB7E-CBA9-419D-9561-09A64DB1AD02}" = protocol=17 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{1DAB320E-F88E-4DF4-8D12-DEDA35FB4667}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1E1CA422-A498-492D-A9AE-1D13296373D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1EECF478-20C3-4A63-956C-FC4C9D5B17B2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1FA6814A-9DB8-467C-A1AA-227501570051}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1FC73B6B-653B-429E-83A0-EADE0E189389}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{216230E4-8ADC-454F-85C3-3008E2C6C911}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{26A8C515-7564-4FD6-B385-38A9BC6DD5E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2EB7D018-3FEF-4D3B-B37D-D7278AB04E3B}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe |
"{2F116A2E-0AD7-41F6-95F6-C45B925AB201}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{30672C7C-F2B9-4ABF-BCDC-7F01323E21C2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{32711CC6-D8F2-4FE5-AF33-9A012BBB3379}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{32A469AD-0D6C-4E70-9D8E-EDCEAFA78517}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{32CE9079-7226-46AD-88EC-FB41C58F8848}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3642989A-C1F2-447D-B759-5203F7D5CB7A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{39D6958E-F7A8-4F52-A211-F55FDB8318BC}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3E57DF66-BBEF-4659-BDCB-0213744E314A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{464DB528-EB33-46FC-AF6B-082DAAE549B2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{48043E45-4D74-42C7-A54B-BBECDC279AB6}" = protocol=17 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2 trial version\zt2demoretail.exe |
"{4C564808-56A4-4EB6-BB1D-C8659C7F67CB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4C8F2EFC-B78F-49F8-9E9D-C0C641A28254}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4F4AE63B-EF41-4F6F-BDA9-C6E0EF9B2B45}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{59D066B0-B23F-4701-B354-4BC3C7FD1565}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A01118B-3F3D-4D61-BDC5-00A002A46F49}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A55768B-9757-41FD-A3FC-36469D16CFD3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5CABFD8F-FF97-4754-811D-879871FB275D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{60D53906-FA90-48A5-8395-BF32442750A6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6261E0F2-9652-4421-97C3-5EE060A990AE}" = protocol=6 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2 trial version\zt2demoretail.exe |
"{62BBEDBE-27C9-431E-BC61-1ABD35DBE0F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{67270E2D-B8D3-48AF-BB72-1927E40B4668}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6B1E6ED3-1FEC-4D46-A851-2BAD0DA50534}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77E2DA51-A158-42D9-B27C-F3B1A22B6BC7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78E832F0-BB70-4E3F-990F-A870E331CBCB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7BE8F315-60AC-403E-8F26-9F8F5BCE726D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{82D60E14-C81F-4614-AC66-93ADA579BAB1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{88E2F259-C429-4F73-819B-6BB45B7208C7}" = protocol=6 | dir=out | app=system |
"{8D6BE0D3-D56B-4D9A-801E-97E81C3360F6}" = protocol=17 | dir=in | app=c:\program files\ea games\the battle for middle-earth (tm)\game.dat |
"{96C0B12B-5DBA-4403-A3E1-40971CFCC80E}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B6F51EB-22BD-44FF-A710-02E49D892B69}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9C53251A-235F-45E1-BDBC-2C6E1EAF67F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9FF0550E-65E8-4202-8705-2400D44952C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A4901FAF-5C16-46DC-B435-678BE06FE253}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A56590F9-5123-4CF2-8D9F-23C7865DDEBD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A76CFF4A-0FA3-44E8-94C5-7173DDAC67C6}" = protocol=17 | dir=in | app=c:\program files\uvecko\vncviewer.exe |
"{A857687A-E647-4BE7-8438-D5DAA97947CB}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{A9A1FD07-70E5-4241-9D90-AE59052E53C9}" = protocol=6 | dir=in | app=c:\program files\ea games\the battle for middle-earth (tm)\game.dat |
"{ACE5B0B8-F09C-4FED-BEB0-5C71FB714C65}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B6780A5F-6BA4-4336-957D-7EC99E72CE9B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B7E33BBC-7552-4C22-8639-53E12DEE268F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B91C4B1C-02B0-4F9B-85B3-EBAC44250BAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BA21F913-27E1-4CD7-864A-208B6D2D35C9}" = protocol=6 | dir=in | app=c:\program files\microsoft office communicator\communicator.exe |
"{BAA4EA10-5061-419A-B08D-D1CDA1F3A43C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BEF202E5-BB26-472B-8B4C-C9AB7738DC25}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C02544F1-5F0E-4AAF-9C89-7B1A7D7D3212}" = protocol=6 | dir=in | app=c:\program files\uvecko\vncviewer.exe |
"{C10E50BB-F3D3-4F1B-A684-6404F5764565}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C14A7253-092F-4D3F-A96D-949515B55575}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C186D094-4DB7-4BB8-B9FA-C65162804EAD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C2EFAC88-AB6D-47C1-9EE5-45AD02B2EEA0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C458FE2B-83A4-4AC7-9F5F-F2719CEFC666}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C62D9AB1-CB04-45ED-8383-D69FC0F46152}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C9E0AD7F-ED25-4716-A424-EF328380E74B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA83ACEC-B33E-4FEE-8E4B-3190B589DB74}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D1FE8702-E348-466D-BA15-D0AB1477FC03}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5A09C77-218B-4883-8580-1E9C642A69E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D5D6594B-24F8-45A7-87D8-DCAEBE585D75}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{D7FD166C-274D-437C-9AB8-3326BDFC14F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8CCD404-F971-433A-9FD4-814B75C24765}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DAE4F2A2-616E-4C01-9A33-595210A04FB3}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{E39B89C8-09D3-401C-A212-570BF13FA651}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{E51B0CA8-E6AD-4EA5-A4C0-F9477E1C03A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E80F7D93-8AA3-475B-9BC0-D0345ACC243C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8AC31A1-88AB-4C58-81E1-5C693C9FC279}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EBE1E018-43E1-43EF-9263-18F1FA5BAADB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EEF2F36A-2160-46CE-B6FE-FDB8840398E1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F65F69DE-C0E1-4666-8A80-258F830B583B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F7473CFC-9FD1-430B-ABF8-CBA58C502AD8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F77A6FD5-2757-4EBE-989F-7D31BF400547}" = protocol=17 | dir=in | app=c:\program files\microsoft office communicator\communicator.exe |
"{F7F7D32A-1556-43C5-B71D-012E489EB967}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F8832942-480E-4688-8392-C3EA05127D9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F960E2FB-4A9E-4F58-8702-D16F7B6FC700}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCA604C1-A523-481A-B75B-CAA157E6C22F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{08EDC681-B70C-449E-8306-A0ACDFCBE394}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{0D206E41-3E4F-48B6-A7B9-BE34056F5A76}C:\program files\tightvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files\tightvnc\winvnc.exe |
"TCP Query User{1D8C7502-3E7F-4CD3-893E-A6C9B594FE29}C:\program files\hidden administrator\ha_server\ha_server.exe" = protocol=6 | dir=in | app=c:\program files\hidden administrator\ha_server\ha_server.exe |
"TCP Query User{1FBAE05B-C3EA-4D6E-B85E-8AA005427079}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{3257440C-A40F-4A11-B940-5A94C2D2FB5E}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{41A930E4-1968-40DA-AE7A-D0389637C4C6}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{436D7CA7-F985-4CB5-8D18-73DA25B48112}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{448B0C84-C2EC-4212-93F8-EB74FCFFED87}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{50AA7554-4877-4C3E-A9E1-49B0336C6F39}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{67FC59D1-C016-4D07-B800-80BF2FE84C78}F:\all\miranda new good\miranda im_private\miranda32.exe" = protocol=6 | dir=in | app=f:\all\miranda new good\miranda im_private\miranda32.exe |
"TCP Query User{6A34E230-DB37-4253-8800-8986C8A08705}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe |
"TCP Query User{89DCD7F7-E71E-4144-ACC5-9B2B7837F78D}F:\all\miranda new good\miranda im\miranda32.exe" = protocol=6 | dir=in | app=f:\all\miranda new good\miranda im\miranda32.exe |
"TCP Query User{8B19EC84-6A36-4A44-93A1-7F62B20B9212}C:\program files\hidden administrator\ha_server\ha_server.exe" = protocol=6 | dir=in | app=c:\program files\hidden administrator\ha_server\ha_server.exe |
"TCP Query User{F5F5515E-9A71-4E59-9D57-138A0A32BCEC}C:\program files\tightvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files\tightvnc\winvnc.exe |
"UDP Query User{1591B9E6-A3B9-4A82-83E8-EADBFA065405}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{16CBE5A3-A341-4B58-861D-DA9DED2E547E}C:\program files\tightvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files\tightvnc\winvnc.exe |
"UDP Query User{20FE1149-4156-486C-A71A-D62C7D758772}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe |
"UDP Query User{220A1AE3-3684-4725-9EDC-8D90B35920FB}C:\program files\hidden administrator\ha_server\ha_server.exe" = protocol=17 | dir=in | app=c:\program files\hidden administrator\ha_server\ha_server.exe |
"UDP Query User{2E1467EB-3D86-4F82-8D4C-ABE1F427A9B8}F:\all\miranda new good\miranda im\miranda32.exe" = protocol=17 | dir=in | app=f:\all\miranda new good\miranda im\miranda32.exe |
"UDP Query User{335785C8-8C09-4145-853D-D24EA7E1279C}F:\all\miranda new good\miranda im_private\miranda32.exe" = protocol=17 | dir=in | app=f:\all\miranda new good\miranda im_private\miranda32.exe |
"UDP Query User{353DBC3F-2174-442E-904F-607E0A196034}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{4BBAD825-EC5D-4735-8304-0AB35E3A1F45}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{554B306D-2BBC-4E02-B0EA-4158999D28C9}C:\program files\tightvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files\tightvnc\winvnc.exe |
"UDP Query User{6B2C5D46-ED37-48C5-8A93-34F2584E8FD9}C:\program files\hidden administrator\ha_server\ha_server.exe" = protocol=17 | dir=in | app=c:\program files\hidden administrator\ha_server\ha_server.exe |
"UDP Query User{74B4E512-C0C8-4013-8D47-ADA13A7A32AD}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{97EB2A8C-AF87-4628-A1E4-701517C3F4C9}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{D951A1EC-1884-42EB-B61E-0B15FC7FF088}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{E6B87812-5E54-41D0-A958-B46863FC918B}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6000
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 15
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 B2
"{39821F43-F148-4086-8DA8-6AE4370A7A4F}" = O&O Defrag Professional
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"{66491E5A-7899-4863-A2E9-057E10BCB578}" = Samsung SecretZone
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7173DBE9-1FC7-48AA-B4B5-8E7BFE388325}" = Testy Autoškola
"{7428F2D3-2808-40ED-AD3F-D4CBFADD8565}" = Microsoft Office Communicator 2007 R2
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4
"{7F362F06-A9A3-440F-8B19-6A01A72723C4}" = AuthenTec Fingerprint Sensor Minimum Install
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B32E7732-B2FB-3FD0-81AC-6025B1104C66}" = Microsoft Device Emulator version 3.0 - ENU
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5397701-EFAF-43D9-BE1B-0534D14F583E}" = InfoMapa 13
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3A13A35-63AC-427a-92E6-960C1D01FABB}" = Poradce pro upgrade na systém Windows 7
"{C7E1449D-7638-6832-426D-589655951029}" = Nero 7 Demo
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{E86E5246-AA7E-11D4-88C9-00105ADBE398}" = O&O Defrag 2000 Freeware Edition
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" = Alcohol 120%
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{ED0042CA-CBEA-4ADF-B262-FE0518AF2221}" = LogMeIn
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{f26d0e18-9464-421c-b95b-f03c73e2d2fe}" = Nero 9
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"µTorrent CZ_is1" = µTorrent CZ 1.8 (build 11758)
"7-Zip" = 7-Zip 4.57
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.0 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AMP WinOFF" = AMP WinOFF
"Any Video Converter_is1" = Any Video Converter 2.6.0
"AVerMedia A827 series driver" = AVerMedia A827 series driver 1.0.0.85
"AVerMedia MCE Encoder x86" = AVerMedia MCE Encoder x86 3.0.1.2
"AVerMedia Media Center Plug-ins" = AVerMedia Media Center Plug-ins
"Broadcom 802.11b Network Adapter" = Bezdrátový adaptér Broadcom 802.11 LAN
"BSPlayer1" = BSPlayer
"Canon LBP2900" = Canon LBP2900
"CCleaner" = CCleaner (remove only)
"CDex" = CDex extraction audio
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"Defraggler" = Defraggler
"Display Stix2.5" = Display Stix 2.5
"DivX Setup.divx.com" = DivX Setup
"DVD43_is1" = DVD43 v3.9.0
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 4.1)
"Eset NOD32 v3.0.642 FiX1.2 by TemDono_is1" = NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.3)
"FLVPlayer" = FLV Player 1.3.3
"Foxit Reader" = Foxit Reader
"FreePascal_is1" = Free Pascal 2.2.4
"GameSpy Arcade" = GameSpy Arcade
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HF Designer_is1" = HF Designer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"Kalendář_is1" = Kalendář v0.1.21
"KYE" = Scroll Mouse
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.2.1300
"Marsu-Fix 2.5" = Marsu-Fix 2.5
"McAfee Security Scan" = McAfee Security Scan Plus
"MetaProducts Net Activity Diagram" = MetaProducts Net Activity Diagram
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Mozilla Firefox 8.0 (x86 cs)" = Mozilla Firefox 8.0 (x86 cs)
"Neat Image_is1" = Neat Image v5 Demo (with plug-in)
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Nokia PC Suite" = Nokia PC Suite
"NSS" = Norton Security Scan
"OpenVPN" = OpenVPN 2.0.9
"Pidgin" = Pidgin
"PK-PCSU_is1" = Zrychleni Pocitace
"QIP 2005_is1" = QIP 2005 8080
"QIP Infium_is1" = QIP Infium 1.0.9010 RC2
"RealPlayer 6.0" = RealPlayer
"Recuva" = Recuva (remove only)
"Revo Uninstaller" = Revo Uninstaller 1.60
"RocketDock_is1" = RocketDock 1.3.5
"Spyware Terminator_is1" = Spyware Terminator
"STDU Viewer_is1" = STDU Viewer version 1.4.13.0
"SuperMp3Download" = Super Mp3 Download
"SWF.max" = Aero SWF.max 1.6.860
"TeamViewer 3" = TeamViewer 3
"Test My Hardware_is1" = Test My Hardware 2.4
"TrueCrypt" = TrueCrypt
"Ultravnc2_is1" = UltraVNC 1.0.5.6
"Universum 5" = Encyklopedie Universum 5
"VCP CDR_is1" = VCP CDR
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VLC media player" = VLC media player 1.0.5
"Weather Watcher_is1" = Weather Watcher
"Web Translator" = Web Translator
"WinASO Registry Optimizer 4.1_is1" = WinASO Registry Optimizer 4.1
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 3.7.1
"XnView_is1" = XnView 1.96.2
"Zoo Tycoon 2" = Zoo Tycoon 2
"Zoo Tycoon 2 Trial Version" = Zoo Tycoon 2 Trial Version

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1408431834-899597845-2981051543-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent
"Zoo Tycoon Čeština 1.05" = Zoo Tycoon Čeština 1.05

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17.5.2010 17:05:58 | Computer Name = Pc-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1.6.2010 1:01:44 | Computer Name = Pc-PC | Source = Google Update | ID = 20
Description =

Error - 17.6.2010 15:52:05 | Computer Name = Pc-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.2.3743, časové razítko 0x4bb4be02,
chybující modul npfbplugin_1_0_3.dll_unloaded, verze 0.0.0.0, časové razítko 0x4c0f70b4,
kód výjimky 0xc0000005, posun chyby 0x103730f2, ID procesu 0x1328, čas spuštění
aplikace 0x01cb0e496fc19470.

Error - 24.6.2010 14:04:17 | Computer Name = Pc-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace 1by1.exe, verze 0.0.0.0, časové razítko 0x4425b5ed,
chybující modul 1by1.exe, verze 0.0.0.0, časové razítko 0x4425b5ed, kód výjimky
0xc0000005, posun chyby 0x00006257, ID procesu 0x15d0, čas spuštění aplikace 0x01cb13c7a840a6a0.

Error - 24.6.2010 14:04:47 | Computer Name = Pc-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace 1by1.exe, verze 0.0.0.0, časové razítko 0x4425b5ed,
chybující modul 1by1.exe, verze 0.0.0.0, časové razítko 0x4425b5ed, kód výjimky
0xc0000005, posun chyby 0x00006257, ID procesu 0x16c0, čas spuštění aplikace 0x01cb13c7bb4fa610.

Error - 30.6.2010 12:05:17 | Computer Name = Pc-PC | Source = Google Update | ID = 20
Description =

Error - 12.7.2010 14:08:54 | Computer Name = Pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12.7.2010 15:35:38 | Computer Name = Pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 15.7.2010 14:26:06 | Computer Name = Pc-PC | Source = Application Hang | ID = 1002
Description = Program xnview.exe verze 1.96.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 404 Čas zahájení: 01cb244b223d5457 Čas ukončení: 8

Error - 18.8.2010 15:05:17 | Computer Name = Pc-PC | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 2.12.2011 11:46:31 | Computer Name = Pc-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2.12.2011 11:53:44 | Computer Name = Pc-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.133 pro síťovou kartu s adresou 001B77C0CCE1
byla serverem DHCP 192.168.100.252 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 2.12.2011 12:01:10 | Computer Name = Pc-PC | Source = ACPI | ID = 327690
Description = ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti
PCI (0x5). Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Error - 2.12.2011 12:39:01 | Computer Name = Pc-PC | Source = ACPI | ID = 327690
Description = ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti
PCI (0x5). Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Error - 2.12.2011 13:37:18 | Computer Name = Pc-PC | Source = ACPI | ID = 327690
Description = ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti
PCI (0x5). Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Error - 2.12.2011 14:46:59 | Computer Name = Pc-PC | Source = ACPI | ID = 327690
Description = ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti
PCI (0x5). Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Error - 2.12.2011 17:54:29 | Computer Name = Pc-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2.12.2011 17:54:29 | Computer Name = Pc-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 2.12.2011 17:54:29 | Computer Name = Pc-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2.12.2011 17:54:29 | Computer Name = Pc-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Re: Hello, please check my log ..

Posted: 03 Dec 2011 01:36
by vyosek
:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Run the utility and tell it to scan - click Start Scan
  • If the utility finds an infection, it will want to cure it (Cure); allow the cure by clicking Continue
  • If the utility finds a suspicious file (suspicious), it will want to skip it (Skip); allow the skip by clicking Continue
  • After the scan finishes, a restart of the PC may be necessary; allow it by clicking Reboot now
  • After the restart a log will pop up; if it does not, you will find it directly on the disk where you have Windows (usually c:\), named TDSSKiller.some digits _log.txt - paste its contents here
  • If a restart is not required, click Close and then Report - a log will be created - paste its contents here
:arrow: Run OTL again
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • Paste the script below into the bottom box Custom Scans/Fixes (Vlastni skenovani/opravy)
  • Code:

    :otl
    SRV - File not found [Unknown | Stopped] -- -- (WPFFontCache_v0400)
    SRV - File not found [Auto | Stopped] -- -- (SBSDWSCService)
    IE - HKU\S-1-5-21-1408431834-899597845-2981051543-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
    IE - HKU\S-1-5-21-1408431834-899597845-2981051543-1000\..\URLSearchHook: - No CLSID value found
    FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q="
    FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    [2011.11.28 20:46:39 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    [2011.12.02 16:55:22 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-1.xml
    [2010.04.03 17:38:35 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-10.xml
    [2010.06.28 18:37:03 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-11.xml
    [2010.06.29 16:47:47 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-12.xml
    [2010.07.22 17:36:54 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-13.xml
    [2010.07.27 18:37:32 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-14.xml
    [2010.08.09 17:41:23 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-15.xml
    [2010.09.20 17:35:30 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-16.xml
    [2010.10.27 21:23:11 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-17.xml
    [2010.10.30 19:19:18 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-18.xml
    [2010.12.13 19:27:28 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-19.xml
    [2009.08.11 18:08:37 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-2.xml
    [2011.03.03 16:20:38 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-20.xml
    [2011.03.07 19:19:53 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-21.xml
    [2011.03.27 19:42:22 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-22.xml
    [2011.05.02 19:38:52 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-23.xml
    [2011.05.02 19:42:28 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-24.xml
    [2011.06.29 12:11:33 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-25.xml
    [2011.08.09 07:15:31 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-26.xml
    [2011.08.21 19:22:41 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-27.xml
    [2011.08.24 15:45:44 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-28.xml
    [2011.09.08 19:12:15 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-29.xml
    [2009.09.15 18:44:06 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-3.xml
    [2011.09.14 21:57:41 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-30.xml
    [2011.10.04 16:21:10 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-31.xml
    [2011.10.17 21:16:50 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-32.xml
    [2009.10.30 12:35:35 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-4.xml
    [2009.12.20 21:13:13 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-5.xml
    [2010.01.08 17:45:55 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-6.xml
    [2010.02.23 18:14:20 | 000,000,961 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-7.xml
    [2010.03.15 18:45:03 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-8.xml
    [2010.03.25 08:28:43 | 000,000,950 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-9.xml
    [2009.07.23 18:58:00 | 000,000,944 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin.xml
    [2009.07.14 20:51:21 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O4 - HKLM..\Run: [] File not found
    O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
    O13 - gopher Prefix: missing
    [15 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
    [6 C:\Windows\System32\DriverStore\FileRepository\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\*.tmp -> ]
    [1 C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\*.tmp -> ]
    [1 C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\*.tmp -> ]
    [1 C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c\*.tmp -> ]
    [1 C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\*.tmp -> ]
    [1 C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\*.tmp -> ]
    [1 C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\*.tmp -> ]
    [1 C:\Windows\System32\DriverStore\Temp\*.tmp files -> C:\Windows\System32\DriverStore\Temp\*.tmp -> ]
    [1 C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3\*.tmp files -> C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3\*.tmp -> ]
    [1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
    [2008.06.04 11:22:48 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ESET
    [2011.12.02 20:38:00 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000Core.job
    [2011.12.02 20:38:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000UA.job
    [2011.11.19 11:47:25 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\Norton Security Scan for Pc.job
    [2010.12.20 19:37:12 | 000,000,412 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E875D9AB-1FAE-4C9C-B680-6FECD6E3AF47}.job
    
    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=-
    "egui"=-
    "Malwarebytes' Anti-Malware"=-
    "Malwarebytes' Anti-Malware (reboot)"=-
    "DivXUpdate"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "WEBTRAN"=-
    "ehTray.exe"=-
    "Google Update"=-
    "PC Suite Tray"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Communicator]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinVNC – zástupce.lnk]
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Then click Opravit (Fix)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here

Re: Hello, please check my log ..

Posted: 03 Dec 2011 11:31
by Jan55
11:28:52.0093 5060 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
11:28:54.0099 5060 ============================================================
11:28:54.0099 5060 Current date / time: 2011/12/03 11:28:54.0099
11:28:54.0099 5060 SystemInfo:
11:28:54.0100 5060
11:28:54.0100 5060 OS Version: 6.0.6002 ServicePack: 2.0
11:28:54.0100 5060 Product type: Workstation
11:28:54.0100 5060 ComputerName: PC-PC
11:28:54.0100 5060 UserName: Pc
11:28:54.0100 5060 Windows directory: C:\Windows
11:28:54.0101 5060 System windows directory: C:\Windows
11:28:54.0101 5060 Processor architecture: Intel x86
11:28:54.0101 5060 Number of processors: 2
11:28:54.0101 5060 Page size: 0x1000
11:28:54.0101 5060 Boot type: Normal boot
11:28:54.0101 5060 ============================================================
11:28:54.0885 5060 Initialize success
11:29:09.0770 2560 ============================================================
11:29:09.0770 2560 Scan started
11:29:09.0770 2560 Mode: Manual;
11:29:09.0770 2560 ============================================================
11:29:10.0144 2560 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
11:29:10.0148 2560 ACPI - ok
11:29:10.0245 2560 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
11:29:10.0250 2560 adp94xx - ok
11:29:10.0352 2560 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
11:29:10.0357 2560 adpahci - ok
11:29:10.0460 2560 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
11:29:10.0462 2560 adpu160m - ok
11:29:10.0577 2560 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
11:29:10.0580 2560 adpu320 - ok
11:29:10.0663 2560 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
11:29:10.0667 2560 AFD - ok
11:29:10.0759 2560 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
11:29:10.0760 2560 agp440 - ok
11:29:10.0872 2560 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
11:29:10.0890 2560 aic78xx - ok
11:29:10.0986 2560 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
11:29:10.0987 2560 aliide - ok
11:29:11.0052 2560 ALSysIO - ok
11:29:11.0149 2560 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
11:29:11.0150 2560 amdagp - ok
11:29:11.0255 2560 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
11:29:11.0256 2560 amdide - ok
11:29:11.0329 2560 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
11:29:11.0330 2560 AmdK7 - ok
11:29:11.0417 2560 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
11:29:11.0420 2560 AmdK8 - ok
11:29:11.0518 2560 ApfiltrService (b49a709f65bf3beaa2b03f8ec139d568) C:\Windows\system32\DRIVERS\Apfiltr.sys
11:29:11.0521 2560 ApfiltrService - ok
11:29:11.0749 2560 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
11:29:11.0751 2560 arc - ok
11:29:11.0832 2560 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
11:29:11.0834 2560 arcsas - ok
11:29:11.0922 2560 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
11:29:11.0924 2560 AsyncMac - ok
11:29:11.0971 2560 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
11:29:11.0972 2560 atapi - ok
11:29:12.0048 2560 ATSWPDRV (69e65a2ce11619f0c868967ca9540b80) C:\Windows\system32\DRIVERS\ATSwpDrv.sys
11:29:12.0051 2560 ATSWPDRV - ok
11:29:12.0156 2560 AVerFx2hbtv (c653d38371706d51ff465f512c4e6a99) C:\Windows\system32\drivers\AVerFx2hbtv.sys
11:29:12.0160 2560 AVerFx2hbtv - ok
11:29:12.0285 2560 axsaki (8e574d97ec504abce866d56303d92f99) C:\Windows\system32\DRIVERS\axsaki.sys
11:29:12.0287 2560 axsaki - ok
11:29:12.0354 2560 axskbus (90809122e02c3785aa5055bf9b0392b5) C:\Windows\system32\DRIVERS\axskbus.sys
11:29:12.0355 2560 axskbus - ok
11:29:12.0428 2560 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
11:29:12.0429 2560 Beep - ok
11:29:12.0539 2560 blbdrive - ok
11:29:12.0632 2560 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
11:29:12.0634 2560 bowser - ok
11:29:12.0740 2560 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
11:29:12.0747 2560 BrFiltLo - ok
11:29:12.0812 2560 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
11:29:12.0813 2560 BrFiltUp - ok
11:29:12.0883 2560 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
11:29:12.0885 2560 Brserid - ok
11:29:12.0948 2560 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
11:29:12.0949 2560 BrSerWdm - ok
11:29:13.0021 2560 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
11:29:13.0022 2560 BrUsbMdm - ok
11:29:13.0131 2560 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
11:29:13.0132 2560 BrUsbSer - ok
11:29:13.0204 2560 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
11:29:13.0205 2560 BthEnum - ok
11:29:13.0261 2560 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
11:29:13.0263 2560 BTHMODEM - ok
11:29:13.0342 2560 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
11:29:13.0344 2560 BthPan - ok
11:29:13.0427 2560 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
11:29:13.0435 2560 BTHPORT - ok
11:29:13.0563 2560 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
11:29:13.0564 2560 BTHUSB - ok
11:29:13.0642 2560 btwaudio (99aeea7cefdfc6e4151a8f620d682088) C:\Windows\system32\drivers\btwaudio.sys
11:29:13.0644 2560 btwaudio - ok
11:29:13.0749 2560 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\Windows\system32\drivers\btwavdt.sys
11:29:13.0751 2560 btwavdt - ok
11:29:13.0827 2560 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\Windows\system32\DRIVERS\btwrchid.sys
11:29:13.0828 2560 btwrchid - ok
11:29:13.0917 2560 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
11:29:13.0918 2560 cdfs - ok
11:29:13.0974 2560 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
11:29:13.0976 2560 cdrom - ok
11:29:14.0085 2560 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
11:29:14.0087 2560 circlass - ok
11:29:14.0194 2560 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
11:29:14.0198 2560 CLFS - ok
11:29:14.0303 2560 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
11:29:14.0305 2560 CmBatt - ok
11:29:14.0412 2560 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
11:29:14.0413 2560 cmdide - ok
11:29:14.0496 2560 CnxtHdAudService (b6e7991e3d6146c04c85cd31af22a381) C:\Windows\system32\drivers\CHDRT32.sys
11:29:14.0499 2560 CnxtHdAudService - ok
11:29:14.0663 2560 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
11:29:14.0665 2560 Compbatt - ok
11:29:14.0718 2560 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
11:29:14.0719 2560 crcdisk - ok
11:29:14.0836 2560 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
11:29:14.0838 2560 Crusoe - ok
11:29:14.0958 2560 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
11:29:14.0960 2560 DfsC - ok
11:29:15.0053 2560 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
11:29:15.0055 2560 disk - ok
11:29:15.0131 2560 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
11:29:15.0132 2560 drmkaud - ok
11:29:15.0212 2560 dvd43llh (1fc1eed3ea0c3a0ecf8a95b97e1b4831) C:\Windows\system32\DRIVERS\dvd43llh.sys
11:29:15.0213 2560 dvd43llh - ok
11:29:15.0332 2560 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
11:29:15.0342 2560 DXGKrnl - ok
11:29:15.0469 2560 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
11:29:15.0471 2560 E1G60 - ok
11:29:15.0556 2560 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
11:29:15.0559 2560 Ecache - ok
11:29:15.0666 2560 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
11:29:15.0671 2560 elxstor - ok
11:29:15.0790 2560 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
11:29:15.0792 2560 exfat - ok
11:29:15.0896 2560 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
11:29:15.0898 2560 fastfat - ok
11:29:15.0982 2560 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
11:29:15.0984 2560 fdc - ok
11:29:16.0080 2560 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
11:29:16.0082 2560 FileInfo - ok
11:29:16.0159 2560 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
11:29:16.0161 2560 Filetrace - ok
11:29:16.0247 2560 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
11:29:16.0248 2560 flpydisk - ok
11:29:16.0327 2560 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
11:29:16.0330 2560 FltMgr - ok
11:29:16.0446 2560 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
11:29:16.0448 2560 Fs_Rec - ok
11:29:16.0526 2560 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
11:29:16.0528 2560 gagp30kx - ok
11:29:16.0626 2560 gHidPnp (483a9768b5480afb887be34b36978cca) C:\Windows\system32\Drivers\gHidPnp.Sys
11:29:16.0627 2560 gHidPnp - ok
11:29:16.0685 2560 gMouUsb (810072609cc1615bb3fd843b551e523f) C:\Windows\system32\DRIVERS\gMouUsb.sys
11:29:16.0687 2560 gMouUsb - ok
11:29:16.0789 2560 hamachi (7929a161f9951d173ca9900fe7067391) C:\Windows\system32\DRIVERS\hamachi.sys
11:29:16.0790 2560 hamachi - ok
11:29:16.0853 2560 HBtnKey (de15777902a5d9121857d155873a1d1b) C:\Windows\system32\DRIVERS\cpqbttn.sys
11:29:16.0854 2560 HBtnKey - ok
11:29:16.0982 2560 hcmon (18c29504ed5b8b791dd574071f84ad96) C:\Windows\system32\drivers\hcmon.sys
11:29:16.0984 2560 hcmon - ok
11:29:17.0077 2560 HdAudAddService (237a7d74cb346deedd6720aa91297c46) C:\Windows\system32\drivers\CHDART.sys
11:29:17.0080 2560 HdAudAddService - ok
11:29:17.0181 2560 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:29:17.0189 2560 HDAudBus - ok
11:29:17.0288 2560 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
11:29:17.0289 2560 HidBth - ok
11:29:17.0362 2560 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
11:29:17.0363 2560 HidIr - ok
11:29:17.0435 2560 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
11:29:17.0436 2560 HidUsb - ok
11:29:17.0510 2560 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
11:29:17.0511 2560 HpCISSs - ok
11:29:17.0598 2560 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
11:29:17.0599 2560 HpqKbFiltr - ok
11:29:17.0718 2560 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
11:29:17.0722 2560 HSFHWAZL - ok
11:29:17.0828 2560 HSF_DPV (1882827f41dee51c70e24c567c35bfb5) C:\Windows\system32\DRIVERS\HSX_DPV.sys
11:29:17.0843 2560 HSF_DPV - ok
11:29:17.0902 2560 HSXHWAZL (a44ddf3ba83e4664bf4de9220097578c) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
11:29:17.0907 2560 HSXHWAZL - ok
11:29:18.0023 2560 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
11:29:18.0029 2560 HTTP - ok
11:29:18.0105 2560 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
11:29:18.0106 2560 i2omp - ok
11:29:18.0181 2560 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
11:29:18.0183 2560 i8042prt - ok
11:29:18.0306 2560 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
11:29:18.0310 2560 iaStor - ok
11:29:18.0411 2560 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
11:29:18.0415 2560 iaStorV - ok
11:29:18.0613 2560 igfx (63c56dac467ef814b60ff2aa2286c917) C:\Windows\system32\DRIVERS\igdkmd32.sys
11:29:18.0653 2560 igfx - ok
11:29:18.0741 2560 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
11:29:18.0743 2560 iirsp - ok
11:29:18.0835 2560 intelide (988981c840084f480ba9e3319cebde1b) C:\Windows\system32\drivers\intelide.sys
11:29:18.0836 2560 intelide - ok
11:29:18.0963 2560 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
11:29:18.0964 2560 intelppm - ok
11:29:19.0042 2560 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:29:19.0044 2560 IpFilterDriver - ok
11:29:19.0101 2560 IpInIp - ok
11:29:19.0178 2560 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
11:29:19.0179 2560 IPMIDRV - ok
11:29:19.0258 2560 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
11:29:19.0261 2560 IPNAT - ok
11:29:19.0360 2560 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
11:29:19.0362 2560 IRENUM - ok
11:29:19.0428 2560 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
11:29:19.0429 2560 isapnp - ok
11:29:19.0515 2560 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
11:29:19.0519 2560 iScsiPrt - ok
11:29:19.0596 2560 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
11:29:19.0597 2560 iteatapi - ok
11:29:19.0711 2560 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
11:29:19.0713 2560 iteraid - ok
11:29:19.0817 2560 k600bus (53d606019bb0f0c6b3e6ec9d2e0f7622) C:\Windows\system32\DRIVERS\k600bus.sys
11:29:19.0818 2560 k600bus - ok
11:29:19.0904 2560 k600mdfl (c0d81f66557847bbb7f5b9980bc2ea2e) C:\Windows\system32\DRIVERS\k600mdfl.sys
11:29:19.0905 2560 k600mdfl - ok
11:29:19.0981 2560 k600mdm (646900b2921bad4757b427d2d328ec96) C:\Windows\system32\DRIVERS\k600mdm.sys
11:29:19.0983 2560 k600mdm - ok
11:29:20.0175 2560 k600obex (1578cb8176d08cc4d3dbe094c62fc236) C:\Windows\system32\DRIVERS\k600obex.sys
11:29:20.0177 2560 k600obex - ok
11:29:20.0279 2560 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
11:29:20.0281 2560 kbdclass - ok
11:29:20.0346 2560 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
11:29:20.0348 2560 kbdhid - ok
11:29:20.0447 2560 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
11:29:20.0454 2560 KSecDD - ok
11:29:20.0577 2560 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
11:29:20.0579 2560 lltdio - ok
11:29:20.0727 2560 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) C:\Program Files\LogMeIn\x86\RaInfo.sys
11:29:20.0728 2560 LMIInfo - ok
11:29:20.0839 2560 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\Windows\system32\DRIVERS\lmimirr.sys
11:29:20.0840 2560 lmimirr - ok
11:29:20.0899 2560 LMIRfsClientNP - ok
11:29:20.0960 2560 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\Windows\system32\drivers\LMIRfsDriver.sys
11:29:20.0961 2560 LMIRfsDriver - ok
11:29:21.0060 2560 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
11:29:21.0062 2560 LSI_FC - ok
11:29:21.0136 2560 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
11:29:21.0138 2560 LSI_SAS - ok
11:29:21.0259 2560 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
11:29:21.0261 2560 LSI_SCSI - ok
11:29:21.0349 2560 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
11:29:21.0351 2560 luafv - ok
11:29:21.0433 2560 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
11:29:21.0435 2560 MBAMProtector - ok
11:29:21.0535 2560 MBAMSwissArmy - ok
11:29:21.0677 2560 mdf15 (5264306c82ed8b51cc8273f377976e3c) C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys
11:29:21.0679 2560 mdf15 - ok
11:29:21.0776 2560 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
11:29:21.0777 2560 mdmxsdk - ok
11:29:21.0880 2560 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
11:29:21.0882 2560 megasas - ok
11:29:21.0961 2560 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
11:29:21.0963 2560 Modem - ok
11:29:22.0044 2560 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
11:29:22.0045 2560 monitor - ok
11:29:22.0125 2560 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
11:29:22.0127 2560 mouclass - ok
11:29:22.0227 2560 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
11:29:22.0229 2560 mouhid - ok
11:29:22.0306 2560 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
11:29:22.0307 2560 MountMgr - ok
11:29:22.0378 2560 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
11:29:22.0380 2560 mpio - ok
11:29:22.0479 2560 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
11:29:22.0481 2560 mpsdrv - ok
11:29:22.0594 2560 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
11:29:22.0596 2560 Mraid35x - ok
11:29:22.0667 2560 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
11:29:22.0670 2560 MRxDAV - ok
11:29:22.0732 2560 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:29:22.0735 2560 mrxsmb - ok
11:29:22.0832 2560 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:29:22.0836 2560 mrxsmb10 - ok
11:29:22.0927 2560 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:29:22.0929 2560 mrxsmb20 - ok
11:29:22.0995 2560 msahci (b2efb263600314babcf9dadb1cbba994) C:\Windows\system32\drivers\msahci.sys
11:29:22.0997 2560 msahci - ok
11:29:23.0103 2560 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
11:29:23.0105 2560 msdsm - ok
11:29:23.0205 2560 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
11:29:23.0206 2560 Msfs - ok
11:29:23.0298 2560 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
11:29:23.0299 2560 msisadrv - ok
11:29:23.0403 2560 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
11:29:23.0405 2560 MSKSSRV - ok
11:29:23.0492 2560 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
11:29:23.0494 2560 MSPCLOCK - ok
11:29:23.0561 2560 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
11:29:23.0562 2560 MSPQM - ok
11:29:23.0641 2560 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
11:29:23.0644 2560 MsRPC - ok
11:29:23.0754 2560 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
11:29:23.0760 2560 mssmbios - ok
11:29:23.0842 2560 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
11:29:23.0844 2560 MSTEE - ok
11:29:23.0906 2560 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
11:29:23.0908 2560 Mup - ok
11:29:24.0008 2560 mvd21 (2ffe3b3bebc8570b111aaaa5befeabcc) C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys
11:29:24.0010 2560 mvd21 - ok
11:29:24.0115 2560 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
11:29:24.0118 2560 NativeWifiP - ok
11:29:24.0254 2560 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
11:29:24.0262 2560 NDIS - ok
11:29:24.0364 2560 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
11:29:24.0366 2560 NdisTapi - ok
11:29:24.0430 2560 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
11:29:24.0432 2560 Ndisuio - ok
11:29:24.0505 2560 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:29:24.0507 2560 NdisWan - ok
11:29:24.0629 2560 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
11:29:24.0631 2560 NDProxy - ok
11:29:24.0689 2560 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
11:29:24.0690 2560 NetBIOS - ok
11:29:24.0767 2560 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
11:29:24.0770 2560 netbt - ok
11:29:25.0018 2560 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
11:29:25.0044 2560 NETw3v32 - ok
11:29:25.0244 2560 NETw4v32 (4547b8aedd8119fcc127fdc7f282e983) C:\Windows\system32\DRIVERS\NETw4v32.sys
11:29:25.0284 2560 NETw4v32 - ok
11:29:25.0380 2560 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
11:29:25.0382 2560 nfrd960 - ok
11:29:25.0487 2560 nmwcd (4a8a2aa0706b659175169decf198e9d7) C:\Windows\system32\drivers\ccdcmb.sys
11:29:25.0488 2560 nmwcd - ok
11:29:25.0613 2560 nmwcdc (fd3e61831095ac62e6840d986b5a2016) C:\Windows\system32\drivers\ccdcmbo.sys
11:29:25.0614 2560 nmwcdc - ok
11:29:25.0696 2560 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
11:29:25.0698 2560 Npfs - ok
11:29:25.0800 2560 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
11:29:25.0802 2560 nsiproxy - ok
11:29:25.0878 2560 NSNDIS5 (53f7546e8daefb3a0813f5e19c4613c9) C:\Windows\system32\NSNDIS5.SYS
11:29:25.0883 2560 NSNDIS5 - ok
11:29:26.0064 2560 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
11:29:26.0080 2560 Ntfs - ok
11:29:26.0156 2560 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
11:29:26.0158 2560 ntrigdigi - ok
11:29:26.0244 2560 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
11:29:26.0246 2560 Null - ok
11:29:26.0312 2560 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
11:29:26.0314 2560 nvraid - ok
11:29:26.0444 2560 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
11:29:26.0446 2560 nvstor - ok
11:29:26.0542 2560 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
11:29:26.0545 2560 nv_agp - ok
11:29:26.0605 2560 NwlnkFlt - ok
11:29:26.0646 2560 NwlnkFwd - ok
11:29:26.0717 2560 nxsIO32 (f77e1270169604c87da56038dce99603) C:\Windows\System32\DRIVERS\nxsIO32.sys
11:29:26.0718 2560 nxsIO32 - ok
11:29:26.0831 2560 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
11:29:26.0833 2560 ohci1394 - ok
11:29:27.0012 2560 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
11:29:27.0014 2560 Parport - ok
11:29:27.0085 2560 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
11:29:27.0087 2560 partmgr - ok
11:29:27.0206 2560 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
11:29:27.0207 2560 Parvdm - ok
11:29:27.0303 2560 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
11:29:27.0305 2560 pccsmcfd - ok
11:29:27.0397 2560 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
11:29:27.0399 2560 pci - ok
11:29:27.0480 2560 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
11:29:27.0481 2560 pciide - ok
11:29:27.0615 2560 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
11:29:27.0618 2560 pcmcia - ok
11:29:27.0710 2560 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
11:29:27.0723 2560 PEAUTH - ok
11:29:27.0927 2560 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
11:29:27.0929 2560 PptpMiniport - ok
11:29:28.0033 2560 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
11:29:28.0035 2560 Processor - ok
11:29:28.0192 2560 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
11:29:28.0194 2560 PSched - ok
11:29:28.0276 2560 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
11:29:28.0289 2560 ql2300 - ok
11:29:28.0364 2560 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
11:29:28.0366 2560 ql40xx - ok
11:29:28.0466 2560 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
11:29:28.0468 2560 QWAVEdrv - ok
11:29:28.0525 2560 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
11:29:28.0526 2560 RasAcd - ok
11:29:28.0673 2560 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:29:28.0675 2560 Rasl2tp - ok
11:29:28.0755 2560 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
11:29:28.0756 2560 RasPppoe - ok
11:29:28.0828 2560 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
11:29:28.0830 2560 RasSstp - ok
11:29:28.0906 2560 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
11:29:28.0910 2560 rdbss - ok
11:29:28.0984 2560 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:29:28.0985 2560 RDPCDD - ok
11:29:29.0111 2560 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
11:29:29.0117 2560 rdpdr - ok
11:29:29.0193 2560 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
11:29:29.0196 2560 RDPENCDD - ok
11:29:29.0302 2560 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
11:29:29.0305 2560 RDPWD - ok
11:29:29.0447 2560 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
11:29:29.0450 2560 RFCOMM - ok
11:29:29.0552 2560 rimmptsk (c35ca13d3627ebd9dd12a23ce781bc3d) C:\Windows\system32\DRIVERS\rimmptsk.sys
11:29:29.0554 2560 rimmptsk - ok
11:29:29.0616 2560 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
11:29:29.0618 2560 rimsptsk - ok
11:29:29.0680 2560 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
11:29:29.0682 2560 rismxdp - ok
11:29:29.0800 2560 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
11:29:29.0802 2560 rspndr - ok
11:29:29.0922 2560 RsvLock (194432c92281cb49db0f4d941da20caf) C:\Windows\system32\drivers\RsvLock.sys
11:29:29.0923 2560 RsvLock - ok
11:29:30.0070 2560 SafeBoot (46c72a1ae07bf7d5b0b03725726f64a8) C:\Windows\system32\drivers\SafeBoot.sys
11:29:30.0071 2560 Suspicious file (NoAccess): C:\Windows\system32\drivers\SafeBoot.sys. md5: 46c72a1ae07bf7d5b0b03725726f64a8
11:29:30.0080 2560 SafeBoot ( LockedFile.Multi.Generic ) - warning
11:29:30.0080 2560 SafeBoot - detected LockedFile.Multi.Generic (1)
11:29:30.0194 2560 SBAlg (899fa9629600df5146b8f64b6ca7a41d) C:\Windows\system32\drivers\SBAlg.sys
11:29:30.0195 2560 SBAlg - ok
11:29:30.0267 2560 SbFlop (27bd4824d1b3e4984918c3542e06c62e) C:\Windows\system32\drivers\SbFlop.sys
11:29:30.0269 2560 SbFlop - ok
11:29:30.0395 2560 SbFsLock (fa66b1be99c027a1cc0fc412c7313f9a) C:\Windows\system32\drivers\SbFsLock.sys
11:29:30.0396 2560 SbFsLock - ok
11:29:30.0490 2560 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
11:29:30.0492 2560 sbp2port - ok
11:29:30.0576 2560 SbRegFlt (5ed842f763cc81a7f313fc759039d272) C:\Windows\system32\drivers\SbRegFlt.sys
11:29:30.0578 2560 SbRegFlt - ok
11:29:30.0721 2560 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
11:29:30.0724 2560 sdbus - ok
11:29:30.0835 2560 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:29:30.0836 2560 secdrv - ok
11:29:30.0960 2560 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
11:29:30.0961 2560 Serenum - ok
11:29:31.0056 2560 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
11:29:31.0058 2560 Serial - ok
11:29:31.0138 2560 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
11:29:31.0139 2560 sermouse - ok
11:29:31.0325 2560 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
11:29:31.0327 2560 sffdisk - ok
11:29:31.0406 2560 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
11:29:31.0408 2560 sffp_mmc - ok
11:29:31.0490 2560 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:29:31.0491 2560 sffp_sd - ok
11:29:31.0563 2560 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
11:29:31.0564 2560 sfloppy - ok
11:29:31.0725 2560 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
11:29:31.0726 2560 sisagp - ok
11:29:31.0837 2560 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
11:29:31.0839 2560 SiSRaid2 - ok
11:29:31.0924 2560 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
11:29:31.0926 2560 SiSRaid4 - ok
11:29:32.0033 2560 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
11:29:32.0035 2560 Smb - ok
11:29:32.0176 2560 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
11:29:32.0178 2560 spldr - ok
11:29:32.0285 2560 sp_rsdrv2 (ccd6e6c387e3efa3ba5fe0e7883821c1) C:\Windows\system32\drivers\sp_rsdrv2.sys
11:29:32.0288 2560 sp_rsdrv2 - ok
11:29:32.0416 2560 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
11:29:32.0421 2560 srv - ok
11:29:32.0502 2560 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
11:29:32.0505 2560 srv2 - ok
11:29:32.0596 2560 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
11:29:32.0598 2560 srvnet - ok
11:29:32.0734 2560 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
11:29:32.0736 2560 swenum - ok
11:29:32.0854 2560 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:29:32.0855 2560 Symc8xx - ok
11:29:32.0940 2560 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:29:32.0942 2560 Sym_hi - ok
11:29:33.0004 2560 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:29:33.0006 2560 Sym_u3 - ok
11:29:33.0177 2560 tap0801 (0c82061920a2de35d33c2c2bb83b1e98) C:\Windows\system32\DRIVERS\tap0801.sys
11:29:33.0178 2560 tap0801 - ok
11:29:33.0330 2560 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
11:29:33.0343 2560 Tcpip - ok
11:29:33.0507 2560 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
11:29:33.0520 2560 Tcpip6 - ok
11:29:33.0653 2560 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
11:29:33.0655 2560 tcpipreg - ok
11:29:33.0736 2560 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:29:33.0738 2560 TDPIPE - ok
11:29:33.0815 2560 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:29:33.0817 2560 TDTCP - ok
11:29:33.0904 2560 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
11:29:33.0906 2560 tdx - ok
11:29:34.0062 2560 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
11:29:34.0064 2560 TermDD - ok
11:29:34.0229 2560 truecrypt (be45dad1c73a3216edc8c485916f6594) C:\Windows\system32\drivers\truecrypt.sys
11:29:34.0233 2560 truecrypt - ok
11:29:34.0367 2560 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:29:34.0369 2560 tssecsrv - ok
11:29:34.0434 2560 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:29:34.0436 2560 tunmp - ok
11:29:34.0564 2560 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
11:29:34.0566 2560 tunnel - ok
11:29:34.0659 2560 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
11:29:34.0661 2560 uagp35 - ok
11:29:34.0764 2560 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
11:29:34.0767 2560 udfs - ok
11:29:34.0919 2560 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
11:29:34.0921 2560 uliagpkx - ok
11:29:35.0030 2560 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
11:29:35.0034 2560 uliahci - ok
11:29:35.0130 2560 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:29:35.0133 2560 UlSata - ok
11:29:35.0232 2560 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:29:35.0234 2560 ulsata2 - ok
11:29:35.0326 2560 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:29:35.0328 2560 umbus - ok
11:29:35.0472 2560 upperdev (587e643a4e2ffd9a00f114b057ceb773) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
11:29:35.0474 2560 upperdev - ok
11:29:35.0573 2560 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:29:35.0575 2560 usbccgp - ok
11:29:35.0736 2560 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:29:35.0738 2560 usbcir - ok
11:29:35.0830 2560 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
11:29:35.0832 2560 usbehci - ok
11:29:35.0939 2560 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
11:29:35.0943 2560 usbhub - ok
11:29:36.0009 2560 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
11:29:36.0011 2560 usbohci - ok
11:29:36.0099 2560 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:29:36.0101 2560 usbprint - ok
11:29:36.0202 2560 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
11:29:36.0203 2560 usbser - ok
11:29:36.0316 2560 UsbserFilt (fca6a196d47cb972a0e4adc0db9cd17c) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
11:29:36.0318 2560 UsbserFilt - ok
11:29:36.0393 2560 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:29:36.0395 2560 USBSTOR - ok
11:29:36.0484 2560 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:29:36.0486 2560 usbuhci - ok
11:29:36.0577 2560 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
11:29:36.0580 2560 usbvideo - ok
11:29:36.0774 2560 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
11:29:36.0775 2560 vga - ok
11:29:36.0861 2560 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:29:36.0863 2560 VgaSave - ok
11:29:36.0947 2560 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
11:29:36.0949 2560 viaagp - ok
11:29:37.0037 2560 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
11:29:37.0038 2560 ViaC7 - ok
11:29:37.0120 2560 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
11:29:37.0122 2560 viaide - ok
11:29:37.0240 2560 vmci (5137e48ad1d6ee1e789a20aa49b793e4) C:\Windows\system32\Drivers\vmci.sys
11:29:37.0243 2560 vmci - ok
11:29:37.0348 2560 vmkbd (415a0bc09e9187e3994508968ffef9bf) C:\Windows\system32\drivers\VMkbd.sys
11:29:37.0352 2560 vmkbd - ok
11:29:37.0462 2560 VMnetAdapter (898706a05d20b706848a440961c52436) C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:29:37.0465 2560 VMnetAdapter - ok
11:29:37.0545 2560 VMnetBridge (5692cbd2a25e04c62707bfc311884b65) C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:29:37.0547 2560 VMnetBridge - ok
11:29:37.0638 2560 VMnetuserif (24294deae94290431a95bfe0ed5438da) C:\Windows\system32\drivers\vmnetuserif.sys
11:29:37.0640 2560 VMnetuserif - ok
11:29:37.0817 2560 vmx86 (541f40e9cef74b6a7c766f8f0a838d07) C:\Windows\system32\Drivers\vmx86.sys
11:29:37.0830 2560 vmx86 - ok
11:29:37.0936 2560 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:29:37.0937 2560 volmgr - ok
11:29:38.0049 2560 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
11:29:38.0056 2560 volmgrx - ok
11:29:38.0153 2560 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
11:29:38.0162 2560 volsnap - ok
11:29:38.0295 2560 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
11:29:38.0297 2560 vsmraid - ok
11:29:38.0423 2560 vstor2-ws60 (70652ddbb219083acda28ca0cb0d6663) C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys
11:29:38.0426 2560 vstor2-ws60 - ok
11:29:38.0566 2560 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:29:38.0568 2560 WacomPen - ok
11:29:38.0664 2560 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:29:38.0667 2560 Wanarp - ok
11:29:38.0693 2560 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:29:38.0697 2560 Wanarpv6 - ok
11:29:38.0809 2560 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
11:29:38.0811 2560 Wd - ok
11:29:38.0910 2560 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
11:29:38.0918 2560 Wdf01000 - ok
11:29:39.0196 2560 winachsf (e096ffb754f1e45ae1bddac1275ae2c5) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
11:29:39.0207 2560 winachsf - ok
11:29:39.0464 2560 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:29:39.0466 2560 WmiAcpi - ok
11:29:39.0720 2560 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
11:29:39.0721 2560 WpdUsb - ok
11:29:39.0984 2560 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:29:39.0986 2560 ws2ifsl - ok
11:29:40.0217 2560 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:29:40.0219 2560 WUDFRd - ok
11:29:40.0321 2560 XAudio (19e7c173b6242ad7521e537ae54768bf) C:\Windows\system32\DRIVERS\xaudio.sys
11:29:40.0322 2560 XAudio - ok
11:29:40.0504 2560 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
11:29:40.0508 2560 yukonwlh - ok
11:29:40.0688 2560 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
11:29:40.0707 2560 \Device\Harddisk0\DR0 - ok
11:29:40.0714 2560 Boot (0x1200) (73bcaac7924e2d6799e2bebae3e7269e) \Device\Harddisk0\DR0\Partition0
11:29:40.0716 2560 \Device\Harddisk0\DR0\Partition0 - ok
11:29:40.0720 2560 ============================================================
11:29:40.0720 2560 Scan finished
11:29:40.0720 2560 ============================================================
11:29:40.0742 4720 Detected object count: 1
11:29:40.0742 4720 Actual detected object count: 1
11:30:03.0433 4720 SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
11:30:03.0433 4720 SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip

Re: Hello, please check my log ..

Posted: 03 Dec 2011 11:58
by Jan55
All processes killed
========== OTL ==========
Service WPFFontCache_v0400 stopped successfully!
Service WPFFontCache_v0400 deleted successfully!
Service SBSDWSCService stopped successfully!
Service SBSDWSCService deleted successfully!
HKU\S-1-5-21-1408431834-899597845-2981051543-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1408431834-899597845-2981051543-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.2.9&q=" removed from browser.search.defaulturl
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.3&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Pc\AppData\Roaming\mozilla\Firefox\Profiles\lqfvb7ek.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-25.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-26.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-27.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-28.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-29.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-30.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-31.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-32.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lqfvb7ek.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
C:\Program Files\Crawler\Toolbar\ctbr.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15A2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP176.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP336F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A80.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP50F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E57.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6567.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8594.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP85D2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9CEA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA100.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.
C:\Windows\Installer\MSI1D7E.tmp deleted successfully.
C:\Windows\Installer\MSI246B.tmp deleted successfully.
C:\Windows\Installer\MSI622A.tmp deleted successfully.
C:\Windows\Installer\MSI655F.tmp deleted successfully.
C:\Windows\Installer\MSI6D0B.tmp deleted successfully.
C:\Windows\Installer\MSI9A35.tmp deleted successfully.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\component.man scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\inf4921.PNF scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\inf4921.tmp scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\component.man scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\inf8a46.PNF scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\inf8a46.tmp scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507 scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\component.man scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\infb4df.PNF scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\infb4df.tmp scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811 scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c\component.man scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c\inf4911.tmp scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\component.man scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\infd27b.PNF scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\infd27b.tmp scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\component.man scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\infd27a.PNF scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\infd27a.tmp scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1 scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\inf4921.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\inf8a46.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c\inf4911.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\infb4df.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\infd27a.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\infd27b.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3\component.man scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3\inf8a45.tmp scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3 scheduled to be deleted on reboot.
File delete failed. C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3\inf8a45.tmp scheduled to be deleted on reboot.
C:\Windows\Temp\HTTFAEC.tmp deleted successfully.
C:\Users\Pc\AppData\Roaming\ESET\ESET Smart Security\Antispam folder moved successfully.
C:\Users\Pc\AppData\Roaming\ESET\ESET Smart Security folder moved successfully.
C:\Users\Pc\AppData\Roaming\ESET folder moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1408431834-899597845-2981051543-1000UA.job moved successfully.
C:\Windows\Tasks\Norton Security Scan for Pc.job moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{E875D9AB-1FAE-4C9C-B680-6FECD6E3AF47}.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\egui not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware (reboot) deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ehTray.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Communicator\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinVNC – zástupce.lnk\ deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Pc
->Temp folder emptied: 5562300 bytes
->Temporary Internet Files folder emptied: 229651 bytes
->Java cache emptied: 67476829 bytes
->FireFox cache emptied: 85512411 bytes
->Google Chrome cache emptied: 85539489 bytes
->Flash cache emptied: 738 bytes

User: Public

User: Roman

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1181252 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 234,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Pc
->Flash cache emptied: 0 bytes

User: Public

User: Roman

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 12032011_113235

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\component.man scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\inf4921.PNF scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a\inf4921.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\DriverStore\FileRepository\inf4921.tmp_c8c7aa5a scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\component.man scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\inf8a46.PNF scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507\inf8a46.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\DriverStore\FileRepository\inf8a46.tmp_99edc507 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\component.man scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\infb4df.PNF scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811\infb4df.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\DriverStore\FileRepository\infb4df.tmp_96a74811 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c\component.man scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c\inf4911.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\DriverStore\FileRepository\infb4de.tmp_0132568c scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\component.man scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\infd27b.PNF scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e\infd27b.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\DriverStore\FileRepository\infd27b.tmp_9fbbed9e scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\component.man scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\infd27a.PNF scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1\infd27a.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\DriverStore\FileRepository\infd27a.tmp_00690bd1 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3\component.man scheduled to be moved on reboot.
File move failed. C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3\inf8a45.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\DriverStore\Temp\inf8a45.tmp_6cd906a3 scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Hello, please check my log ..

Posted: 03 Dec 2011 12:03
by vyosek
:arrow: Test the following files on VirusTotal (see my signature)
  • C:\Windows\system32\drivers\SafeBoot.sys
  • Click Browse
  • Do not browse for the file, just paste the path of the file I want tested
  • Click Send File
  • If a screen like the one below pops up, click ReAnalyse
    Image
  • Paste the analysis result here (as a link)

Re: Hello, please check my log ..

Posted: 03 Dec 2011 14:15
by Jan55
I have a slight problem uploading that file; it tells me the file is in use. :?:

Re: Hello, please check my log ..

Posted: 03 Dec 2011 17:33
by vyosek
Try copying it somewhere and then testing it, or zip it and upload it somewhere.

Re: Hello, please check my log ..

Posted: 03 Dec 2011 18:50
by Jan55

Re: Hello, please check my log ..

Posted: 04 Dec 2011 10:06
by vyosek
How is the PC behaving? :???: