VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Kontrola logu

https://forum.viry.cz:443/viewtopic.php?t=118532

Stránka 1 z 1

Kontrola logu

Napsal: 10 led 2012 15:22
od kahos
Prosím o kontrolu logu. Předem díky za Váš čas.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:21:59, on 10.1.2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE
C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Spigot\Search Settings

\SearchSettings.exe
C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Lenovo\Scheduler

\scheduler_proxy.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM

Updates Notifier.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
C:\Users\martin\Downloads\hijackthis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer

\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer

\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search

Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search

Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start

Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer

\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?

LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer

\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?

LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search

Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start

Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer

\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer

\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer

\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer

\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-

E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube

Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952

-483415B9C955} - C:\Users\martin\AppData\Roaming\Microsoft

\Internet Explorer\qipsearchbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-

FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat

\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-

B7F9-0BBC1D38A37E} - C:

\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} -

C:\Users\martin\AppData\Roaming\Microsoft\Internet Explorer

\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-

F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet

Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-

42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-

435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin

\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-

794CA7E3FB53} - C:\Program Files\Google\Google Gears

\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-

86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader

Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-

436a-86E4-9690573BEE8A} - C:\Program Files\YouTube

Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP

\SynTPEnh.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY

\LVOSDSVC.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program

Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common

Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad

\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT

\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\Lenovo

\LENOVO~1\LPMGR.exe
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files\Y Soft

\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security

Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files

\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows

\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows

\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows

\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft

Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common

Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files

\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common

Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [Launch Backup Service Once] C:\Program

Files\Lenovo\Rescue and Recovery\rrstrigger.exe -start
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows

Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows

\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows

Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows

\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\martin\AppData\Roaming

\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace

Microsoft Excel - res://C:

\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace

Microsoft Office Excel - res://C:

\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote -

res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-

B25EAC5965F5} - C:\Program Files\Google\Google Gears

\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears -

{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files

\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-

7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft

Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote -

{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files

\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote -

{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files

\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace

OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:

\Program Files\Microsoft Office

\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-

479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars

\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call -

{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files

\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated

graphics
O13 - Gopher Prefix:
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-

B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars

\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-

00B0D022E945} - C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602

a.s. - C:\Program Files\Common Files\soft602\602updsvc

\602updsvc.exe
O23 - Service: ABBYY FineReader 10 CE Licensing Service

(ABBYY.Licensing.FineReader.Corporate.10.0) - ABBYY - C:

\Program Files\Common Files\ABBYY\FineReader

\10.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files

\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo

\Access Connections\AcSvc.exe
O23 - Service: Application Updater - Spigot, Inc. - C:

\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner

- C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown

owner - C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device

Management Service (DMAgent) - Red Bend Ltd. - C:\Program

Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) -

Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin

\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software

Inc. - C:\Program Files\Common Files\Macrovision Shared

\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) -

Google Inc. - C:\Program Files\Google\Update

\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) -

Google Inc. - C:\Program Files\Google\Update

\GoogleUpdate.exe
O23 - Service: ThinkPad PM Service for SL Series (IBMPMSVC)

- Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: Service of LFKA (LFKAS) - Unknown owner - C:

\Program Files\Lenovo\ATK Hotkey\LFKAS.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:

\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service

(RegSrvc) - Intel(R) Corporation - C:\Program Files\Common

Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC

Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated -

C:\Program Files\Common Files\Adobe\SwitchBoard

\SwitchBoard.exe
O23 - Service: ThinkVantage Registry Monitor Service -

Lenovo Group Limited - C:\Program Files\Common Files\Lenovo

\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service

(TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group

Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited -

C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Service

(WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files

\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: XYNTService - Unknown owner - C:\Users

\martin\AppData\Local\Temp\{E536F0E2-06D3-43AA-AA2B-

D0BE2AD19FA0}\{061A431C-86E7-4DB4-92B8-

36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe

--
End of file - 12302 bytes

Re: Kontrola logu

Napsal: 10 led 2012 21:52
od vyosek
Zdravim a pekny vecer preji :)

:arrow: Dejte prosim log z RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 - je podrobnejsi nez HJT

Re: Kontrola logu

Napsal: 11 led 2012 18:03
od kahos
A díky, jsem ze staré školy, kdy stačil předchozí log.


Logfile of random's system information tool 1.09 (written by random/random)
Run by martin at 2012-01-11 17:56:27
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 64 GB (27%) free of 238 GB
Total RAM: 3037 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:56:45, on 11.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE
C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\martin\Downloads\RSIT.exe
C:\Program Files\trend micro\martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\Lenovo\LENOVO~1\LPMGR.exe
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [Launch Backup Service Once] C:\Program Files\Lenovo\Rescue and Recovery\rrstrigger.exe -start
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ABBYY FineReader 10 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ThinkPad PM Service for SL Series (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: Service of LFKA (LFKAS) - Unknown owner - C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: XYNTService - Unknown owner - C:\Users\martin\AppData\Local\Temp\{E536F0E2-06D3-43AA-AA2B-D0BE2AD19FA0}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe

--
End of file - 12360 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\zygybt0k.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "keyword.URL" - "http://www.google.com/search?q="

"{000a9d1c-beef-4f90-9363-039d445309b8}"=C:\Program Files\Google\Google Gears\Firefox\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npdnu.dll
npdnu.xpt
npdnupdater2.dll
npdnupdater2.xpt
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\zygybt0k.default\extensions\
{0b38152b-1b20-484d-a11f-5e04a9b0661f}
{0b457cAA-602d-484a-8fe7-c1d894a011ba}

C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\zygybt0k.default\searchplugins\
aol-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-12-13 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-09-07 56712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-23 1725736]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe [2008-03-24 64368]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2011-01-14 337256]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"TPFNF7"=C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-04-16 61728]
"LPManager"=C:\PROGRA~1\Lenovo\LENOVO~1\LPMGR.exe [2007-03-01 120368]
"SafeQ Client"=C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2011-08-08 251904]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-05-04 252136]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-12-13 922976]
"Launch Backup Service Once"=C:\Program Files\Lenovo\Rescue and Recovery\rrstrigger.exe [2010-09-16 70456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcWin7Hlpr]
C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [2009-10-13 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10]
C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe [2010-01-30 941320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-08-04 966712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaPCInternetAccess]
C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [2009-09-17 663552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\martin\AppData\Roaming\QipGuard\QipGuard.exe /p []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2004-02-03 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^martin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE [2011-09-02 227712]

C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.IV41"=IR41_32.AX
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2012-01-11 17:56:29 ----D---- C:\Program Files\trend micro
2012-01-11 17:56:27 ----D---- C:\rsit
2012-01-10 15:05:01 ----D---- C:\Program Files\CCleaner
2011-12-29 09:14:55 ----D---- C:\Program Files\Application Updater
2011-12-29 09:14:54 ----D---- C:\Program Files\YouTube Downloader Toolbar
2011-12-29 09:14:54 ----D---- C:\Program Files\Common Files\Spigot
2011-12-24 16:34:33 ----D---- C:\tera
2011-12-24 16:33:55 ----A---- C:\Windows\SETUPA3.EXE
2011-12-15 13:03:22 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-15 13:03:22 ----A---- C:\Windows\system32\iertutil.dll
2011-12-15 13:03:21 ----A---- C:\Windows\system32\jscript9.dll
2011-12-15 13:03:21 ----A---- C:\Windows\system32\jscript.dll
2011-12-15 13:03:20 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-15 13:03:19 ----A---- C:\Windows\system32\wininet.dll
2011-12-15 13:03:19 ----A---- C:\Windows\system32\url.dll
2011-12-15 13:03:19 ----A---- C:\Windows\system32\ieui.dll
2011-12-15 13:03:18 ----A---- C:\Windows\system32\urlmon.dll
2011-12-15 13:03:17 ----A---- C:\Windows\system32\mshtml.dll
2011-12-15 13:03:16 ----A---- C:\Windows\system32\ieframe.dll
2011-12-14 21:32:17 ----A---- C:\Windows\system32\win32k.sys
2011-12-14 21:32:07 ----A---- C:\Windows\system32\tzres.dll
2011-12-14 21:31:59 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-14 21:31:58 ----A---- C:\Windows\system32\EncDec.dll
2011-12-14 21:31:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-14 21:31:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-12-12 10:40:47 ----D---- C:\Users\martin\AppData\Roaming\FireShot
2011-12-05 21:52:04 ----D---- C:\Users\martin\AppData\Roaming\DivX
2011-12-05 21:48:57 ----D---- C:\Program Files\DivX
2011-12-05 21:48:14 ----D---- C:\ProgramData\DivX
2011-11-26 02:03:16 ----D---- C:\Users\martin\AppData\Roaming\Apple Computer
2011-11-26 02:00:29 ----A---- C:\Windows\system32\FNTCACHE.DAT
2011-11-23 10:17:51 ----D---- C:\ProgramData\Apple Computer
2011-11-23 10:17:51 ----D---- C:\Program Files\QuickTime
2011-11-23 10:17:05 ----D---- C:\Program Files\Common Files\Apple
2011-11-23 10:16:51 ----D---- C:\ProgramData\Apple
2011-11-23 10:16:51 ----D---- C:\Program Files\Apple Software Update
2011-11-16 23:26:26 ----D---- C:\Program Files\Microsoft Silverlight
2011-11-15 09:53:28 ----D---- C:\Program Files\Maxis
2011-11-14 19:10:47 ----D---- C:\Hry
2011-11-08 23:08:44 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-02 00:52:16 ----D---- C:\Windows\system32\SPReview
2011-11-02 00:50:52 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-11-02 00:50:52 ----A---- C:\Windows\system32\msls31.dll
2011-11-02 00:50:51 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-11-02 00:50:51 ----A---- C:\Windows\system32\msrating.dll
2011-11-02 00:50:51 ----A---- C:\Windows\system32\mshtmler.dll
2011-11-02 00:50:51 ----A---- C:\Windows\system32\msfeedssync.exe
2011-11-02 00:50:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-11-02 00:50:51 ----A---- C:\Windows\system32\iesysprep.dll
2011-11-02 00:50:51 ----A---- C:\Windows\system32\ieakeng.dll
2011-11-02 00:50:51 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-11-02 00:50:51 ----A---- C:\Windows\system32\dxtrans.dll
2011-11-02 00:50:51 ----A---- C:\Windows\system32\dxtmsft.dll
2011-11-02 00:50:50 ----A---- C:\Windows\system32\wextract.exe
2011-11-02 00:50:50 ----A---- C:\Windows\system32\webcheck.dll
2011-11-02 00:50:50 ----A---- C:\Windows\system32\vbscript.dll
2011-11-02 00:50:50 ----A---- C:\Windows\system32\msfeeds.dll
2011-11-02 00:50:50 ----A---- C:\Windows\system32\licmgr10.dll
2011-11-02 00:50:50 ----A---- C:\Windows\system32\inseng.dll
2011-11-02 00:50:50 ----A---- C:\Windows\system32\iexpress.exe
2011-11-02 00:50:50 ----A---- C:\Windows\system32\ieUnatt.exe
2011-11-02 00:50:50 ----A---- C:\Windows\system32\iesetup.dll
2011-11-02 00:50:50 ----A---- C:\Windows\system32\iernonce.dll
2011-11-02 00:50:50 ----A---- C:\Windows\system32\iedkcs32.dll
2011-11-02 00:50:50 ----A---- C:\Windows\system32\ieapfltr.dll
2011-11-02 00:50:50 ----A---- C:\Windows\system32\ieapfltr.dat
2011-11-02 00:50:50 ----A---- C:\Windows\system32\ie4uinit.exe
2011-11-02 00:50:50 ----A---- C:\Windows\system32\icardie.dll
2011-11-02 00:50:49 ----A---- C:\Windows\system32\pngfilt.dll
2011-11-02 00:50:49 ----A---- C:\Windows\system32\occache.dll
2011-11-02 00:50:49 ----A---- C:\Windows\system32\mshta.exe
2011-11-02 00:50:49 ----A---- C:\Windows\system32\imgutil.dll
2011-11-02 00:50:49 ----A---- C:\Windows\system32\iepeers.dll
2011-11-02 00:50:49 ----A---- C:\Windows\system32\ieakui.dll
2011-11-02 00:50:49 ----A---- C:\Windows\system32\ieaksie.dll
2011-11-02 00:50:49 ----A---- C:\Windows\system32\admparse.dll
2011-11-02 00:47:16 ----A---- C:\Windows\system32\shell32.dll
2011-10-24 13:23:14 ----SHD---- C:\Windows\ftpcache
2011-10-19 10:20:00 ----A---- C:\Windows\system32\KOAZ8JAL.DLL
2011-10-19 10:19:12 ----D---- C:\Satikos
2011-10-15 18:48:50 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-15 18:48:47 ----A---- C:\Windows\system32\oleacc.dll
2011-10-15 18:48:46 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 3 months======

2012-01-11 17:56:40 ----D---- C:\Windows\Prefetch
2012-01-11 17:56:29 ----D---- C:\Program Files
2012-01-11 17:56:13 ----D---- C:\Users\martin\AppData\Roaming\Skype
2012-01-11 17:56:08 ----D---- C:\Windows\Temp
2012-01-11 16:34:55 ----D---- C:\Windows\system32\config
2012-01-11 16:24:50 ----D---- C:\Windows\system32\catroot
2012-01-11 16:23:53 ----RSD---- C:\Windows\assembly
2012-01-11 16:23:53 ----D---- C:\Windows\Microsoft.NET
2012-01-11 16:22:50 ----D---- C:\Windows\winsxs
2012-01-11 16:22:32 ----SHD---- C:\Windows\Installer
2012-01-11 16:21:16 ----D---- C:\Windows\System32
2012-01-11 16:21:16 ----D---- C:\Windows\inf
2012-01-11 16:21:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-11 16:19:40 ----SHD---- C:\System Volume Information
2012-01-11 16:19:38 ----D---- C:\Users\martin\AppData\Roaming\Dropbox
2012-01-11 01:29:47 ----D---- C:\Windows
2012-01-10 15:07:35 ----D---- C:\Windows\Panther
2012-01-10 15:07:35 ----D---- C:\Windows\ModemLogs
2012-01-10 15:07:34 ----D---- C:\Windows\Logs
2012-01-10 15:07:34 ----D---- C:\Windows\debug
2012-01-06 00:57:28 ----D---- C:\Windows\system32\catroot2
2012-01-01 15:11:46 ----D---- C:\SWSHARE
2011-12-31 19:42:10 ----D---- C:\Windows\system32\Tasks
2011-12-30 19:28:30 ----D---- C:\Windows\rescache
2011-12-29 09:14:54 ----D---- C:\Program Files\Common Files
2011-12-26 20:02:30 ----D---- C:\Program Files\Mozilla Firefox
2011-12-26 14:00:44 ----D---- C:\Windows\Minidump
2011-12-26 13:40:40 ----D---- C:\Windows\system32\drivers
2011-12-26 13:40:34 ----D---- C:\Windows\system32\DriverStore
2011-12-24 16:35:32 ----D---- C:\Windows\system
2011-12-16 00:44:24 ----D---- C:\Windows\system32\migration
2011-12-16 00:44:24 ----D---- C:\Windows\system32\cs-CZ
2011-12-16 00:44:24 ----D---- C:\Program Files\Internet Explorer
2011-12-15 13:13:18 ----D---- C:\ProgramData\Microsoft Help
2011-12-15 13:03:52 ----A---- C:\Windows\system32\MRT.exe
2011-12-05 21:48:14 ----HD---- C:\ProgramData
2011-12-02 23:54:27 ----D---- C:\Program Files\OpenTTD
2011-11-27 00:54:06 ----D---- C:\Users\martin\AppData\Roaming\vlc
2011-11-25 16:31:15 ----D---- C:\Program Files\Microsoft Games
2011-11-25 16:29:08 ----D---- C:\Program Files\QIP 2010
2011-11-18 15:53:50 ----D---- C:\Program Files\ABBYY FineReader 10
2011-11-16 23:26:36 ----SD---- C:\ProgramData\Microsoft
2011-11-15 14:29:56 ----N---- C:\Windows\system32\MpSigStub.exe
2011-11-15 13:02:44 ----D---- C:\Program Files\Common Files\System
2011-11-15 13:02:44 ----A---- C:\Windows\win.ini
2011-11-02 10:27:53 ----D---- C:\Program Files\Windows Sidebar
2011-11-02 10:27:53 ----D---- C:\Program Files\Windows Mail
2011-11-02 10:27:53 ----D---- C:\Program Files\DVD Maker
2011-11-02 10:27:52 ----D---- C:\Program Files\Windows Portable Devices
2011-11-02 10:27:52 ----D---- C:\Program Files\Windows Photo Viewer
2011-11-02 10:27:52 ----D---- C:\Program Files\Windows Media Player
2011-11-02 10:27:52 ----D---- C:\Program Files\Windows Journal
2011-11-02 10:27:46 ----D---- C:\Windows\servicing
2011-11-02 10:27:46 ----D---- C:\Windows\ehome
2011-11-02 10:27:46 ----D---- C:\Program Files\Windows Defender
2011-11-02 10:27:42 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2011-11-02 10:27:42 ----D---- C:\Windows\system32\oobe
2011-11-02 10:27:42 ----D---- C:\Windows\system32\en-US
2011-11-02 10:27:42 ----D---- C:\Windows\system32\da-DK
2011-11-02 10:27:42 ----D---- C:\Windows\PolicyDefinitions
2011-11-02 10:27:41 ----D---- C:\Windows\system32\sysprep
2011-11-02 10:27:41 ----D---- C:\Windows\system32\Setup
2011-11-02 10:27:41 ----D---- C:\Windows\system32\cs
2011-11-02 10:27:41 ----D---- C:\Windows\system32\AdvancedInstallers
2011-11-02 10:27:38 ----D---- C:\Windows\system32\wbem
2011-11-02 10:27:38 ----D---- C:\Windows\system32\sppui
2011-11-02 10:27:38 ----D---- C:\Windows\system32\manifeststore
2011-11-02 10:27:38 ----D---- C:\Windows\system32\es-ES
2011-11-02 10:27:38 ----D---- C:\Windows\system32\drivers\UMDF
2011-11-02 10:27:38 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-11-02 10:27:37 ----D---- C:\Windows\system32\migwiz
2011-11-02 10:27:37 ----D---- C:\Windows\system32\Dism
2011-11-02 10:27:18 ----RSD---- C:\Windows\Fonts
2011-11-02 10:27:18 ----D---- C:\Windows\AppPatch
2011-11-02 10:27:03 ----D---- C:\Windows\system32\Boot
2011-11-02 00:56:27 ----A---- C:\Windows\system32\msclmd.dll
2011-10-24 09:09:11 ----RD---- C:\Program Files\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-11-22 64288]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx86.sys [2011-01-13 122992]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM86.sys [2011-01-13 20592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl0aed4739;MpKsl0aed4739; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9390D2C7-928A-4412-BDDF-89AD8FF2B2E4}\MpKsl0aed4739.sys [2012-01-11 29904]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2010-11-05 11552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\Lenovo\ATK Hotkey\ASMMAP.sys [2007-07-24 13880]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R3 bpenum;Intel(R) WiMAX Link Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2009-07-30 56320]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-09-18 251392]
R3 DCamUSBGene;Integrated Camera; C:\Windows\system32\DRIVERS\usbstk.sys [2008-07-31 173584]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2008-05-14 22312]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 MTsensor32;PU ACPI UTILITY; C:\Windows\system32\DRIVERS\PuAcpi32.sys [2009-06-04 14344]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-02-11 33088]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-04-23 244784]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S1 MpKsl07348441;MpKsl07348441; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1065DECB-BEF2-4E21-829E-EB34B06140B3}\MpKsl07348441.sys []
S1 MpKsl1b5ea906;MpKsl1b5ea906; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8D3A18C4-96D3-40FC-AA73-7C5BE68EE543}\MpKsl1b5ea906.sys []
S1 MpKsl1fdd473e;MpKsl1fdd473e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{79584AE7-1E1B-4065-A96E-870D1E179394}\MpKsl1fdd473e.sys []
S1 MpKsl2eaeb407;MpKsl2eaeb407; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FD1C12A4-15CB-4610-8CF7-761ADE11639B}\MpKsl2eaeb407.sys []
S1 MpKsl4112fc59;MpKsl4112fc59; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AA215FC5-9C0D-4CE8-8C7B-60743E1CE9A4}\MpKsl4112fc59.sys []
S1 MpKsl440db862;MpKsl440db862; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4EAF7BF4-BF13-47BA-A62E-65BAFB214BFF}\MpKsl440db862.sys []
S1 MpKsl4a89e947;MpKsl4a89e947; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8702D89D-861E-4F21-87E3-E7A238B698BB}\MpKsl4a89e947.sys []
S1 MpKsl59cd080c;MpKsl59cd080c; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7A98C842-CA0B-461F-8471-DAAE22ADEE94}\MpKsl59cd080c.sys []
S1 MpKsl68dc5456;MpKsl68dc5456; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5BB6072F-37B1-4DD0-BD7F-AC0AABFCD3E0}\MpKsl68dc5456.sys []
S1 MpKsla67d0d57;MpKsla67d0d57; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2444989A-5769-46AE-BC26-882DA7A2B81C}\MpKsla67d0d57.sys []
S2 MLPTDR_N;MLPTDR_N; \??\C:\Windows\system32\MLPTDR_N.sys [2003-07-19 18848]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 appliandMP;appliandMP; C:\Windows\system32\DRIVERS\appliand.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 10752]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2009-12-19 814344]
R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2009-12-11 124264]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2009-12-11 255336]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-12-14 748440]
R2 ASLDRService;ASLDR Service; C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe [2009-02-13 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe [2009-02-13 94208]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 20480]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2009-07-30 348160]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-21 858384]
R2 IBMPMSVC;ThinkPad PM Service for SL Series; C:\Windows\system32\ibmpmsvc.exe [2008-05-14 36128]
R2 LFKAS;Service of LFKA; C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe [2009-04-15 208896]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-21 473360]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2010-09-16 1028096]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2009-07-30 815104]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2010-09-16 1475896]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-18 136176]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-08-03 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-18 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-11-05 75112]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2011-01-13 40048]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-19 1343400]

-----------------EOF-----------------

Re: Kontrola logu

Napsal: 11 led 2012 18:52
od vyosek
:arrow: Odinstalujte Application Updater a tez Search Settings

:arrow: Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

:arrow: Stahnete OTL (viz muj podpis) a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Re: Kontrola logu

Napsal: 11 led 2012 20:06
od kahos
Díky za info, tak ty toolbary odstraněny, ale ty Application Updater a tez Search Setting vůbec nevím jak.

Tak zatím posílám todle: Díky

OTL logfile created on: 11.1.2012 19:54:30 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\martin\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,97 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 43,40% Memory free
5,93 Gb Paging File | 3,97 Gb Available in Paging File | 66,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 62,34 Gb Free Space | 26,78% Space Free | Partition Type: NTFS

Computer Name: MARTIN-NTB | User Name: martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.01.11 19:53:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\martin\Downloads\OTL.exe
PRC - [2012.01.05 10:48:46 | 001,047,024 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011.12.14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2011.12.13 17:42:08 | 000,922,976 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011.10.21 09:07:21 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011.09.02 01:42:06 | 024,183,152 | ---- | M] (Dropbox, Inc.) -- C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.08.08 16:58:00 | 000,251,904 | ---- | M] () -- C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe
PRC - [2011.06.24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.06.15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.13 17:46:38 | 000,107,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe
PRC - [2010.09.16 17:49:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2010.04.23 00:16:46 | 000,128,296 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2010.03.06 03:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2009.12.19 01:06:00 | 000,814,344 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
PRC - [2009.12.11 12:22:06 | 000,255,336 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe
PRC - [2009.12.11 12:22:04 | 000,124,264 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2009.12.11 11:58:56 | 000,344,064 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2009.09.28 16:27:18 | 000,144,752 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2009.09.21 15:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009.09.21 15:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009.07.30 09:25:02 | 000,815,104 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
PRC - [2009.07.30 09:12:44 | 000,348,160 | ---- | M] (Red Bend Ltd.) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
PRC - [2009.07.15 10:18:00 | 000,062,320 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2009.04.16 04:04:00 | 000,061,728 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
PRC - [2009.04.15 17:00:42 | 000,208,896 | R--- | M] () -- C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe
PRC - [2009.04.15 16:41:22 | 000,315,392 | R--- | M] (Lenovo) -- C:\Program Files\Lenovo\ATK Hotkey\LFKA.exe
PRC - [2009.04.15 15:57:58 | 000,077,824 | R--- | M] (ATK0101) -- C:\Program Files\Lenovo\ATK Hotkey\LControl.exe
PRC - [2009.03.27 17:16:08 | 000,086,016 | ---- | M] () -- C:\Users\martin\AppData\Local\Temp\{E536F0E2-06D3-43AA-AA2B-D0BE2AD19FA0}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe
PRC - [2009.02.13 16:39:02 | 000,094,208 | R--- | M] () -- C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe
PRC - [2009.02.13 15:45:54 | 000,094,208 | R--- | M] () -- C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe
PRC - [2009.02.02 18:04:08 | 000,067,432 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2008.03.24 10:15:04 | 000,064,368 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe
PRC - [2007.03.01 02:02:00 | 000,120,368 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE


========== Modules (No Company Name) ==========

MOD - [2012.01.05 10:48:44 | 000,411,120 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\ppgooglenaclpluginchrome.dll
MOD - [2012.01.05 10:48:43 | 003,767,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
MOD - [2012.01.05 10:47:19 | 000,122,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\avutil-51.dll
MOD - [2012.01.05 10:47:18 | 000,222,208 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\avformat-53.dll
MOD - [2012.01.05 10:47:17 | 001,746,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\avcodec-53.dll
MOD - [2012.01.05 08:06:01 | 008,593,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
MOD - [2011.11.06 06:07:44 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.11.06 06:07:27 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.11.06 06:06:42 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.11.06 06:06:19 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.08.08 16:58:00 | 000,251,904 | ---- | M] () -- C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe
MOD - [2011.08.08 16:25:48 | 000,005,120 | ---- | M] () -- C:\Program Files\Y Soft\SafeQ Client\Client\cs-CZ\SafeQ Client.resources.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.11.13 17:46:46 | 001,712,128 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libvorbis_plugin.dll
MOD - [2010.11.13 17:46:46 | 001,199,104 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libtaglib_plugin.dll
MOD - [2010.11.13 17:46:46 | 001,141,248 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libxml_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,368,640 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libtheora_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,297,472 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libswscale_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,122,368 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libts_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,078,848 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libzip_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,046,592 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libwaveout_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,040,448 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libyuy2_i420_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,038,912 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libvout_wrapper_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,036,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libyuy2_i422_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,032,256 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libtrivial_channel_mixer_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,031,232 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libyuvp_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,031,232 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll
MOD - [2010.11.13 17:46:46 | 000,030,720 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libtrivial_mixer_plugin.dll
MOD - [2010.11.13 17:46:44 | 011,047,936 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libqt4_plugin.dll
MOD - [2010.11.13 17:46:44 | 002,170,368 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libskins2_plugin.dll
MOD - [2010.11.13 17:46:44 | 001,025,536 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libschroedinger_plugin.dll
MOD - [2010.11.13 17:46:44 | 000,400,384 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\librtp_plugin.dll
MOD - [2010.11.13 17:46:44 | 000,130,048 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libspeex_plugin.dll
MOD - [2010.11.13 17:46:44 | 000,080,896 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libsap_plugin.dll
MOD - [2010.11.13 17:46:44 | 000,036,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libscaletempo_plugin.dll
MOD - [2010.11.13 17:46:44 | 000,034,304 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libstream_filter_rar_plugin.dll
MOD - [2010.11.13 17:46:44 | 000,033,792 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll
MOD - [2010.11.13 17:46:44 | 000,032,768 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\librawvideo_plugin.dll
MOD - [2010.11.13 17:46:44 | 000,031,744 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libscale_plugin.dll
MOD - [2010.11.13 17:46:44 | 000,031,232 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libstream_filter_record_plugin.dll
MOD - [2010.11.13 17:46:44 | 000,030,720 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libspdif_mixer_plugin.dll
MOD - [2010.11.13 17:46:42 | 001,747,968 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liblibass_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,337,920 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liblua_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,238,080 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpng_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,194,048 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmp4_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,128,000 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,108,032 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libplaylist_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,042,496 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpacketizer_vc1_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,040,448 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpacketizer_mpegvideo_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,038,912 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmono_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,037,888 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpodcast_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,037,888 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,035,840 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmediadirs_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,035,840 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liblpcm_plugin.dll
MOD - [2010.11.13 17:46:42 | 000,033,792 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll
MOD - [2010.11.13 17:46:40 | 001,747,456 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfreetype_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,309,760 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfaad_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,265,216 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libflac_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,258,048 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfluidsynth_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,231,424 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdvdnav_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,210,944 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdshow_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,178,176 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,135,680 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libi420_rgb_sse2_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,073,728 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libi420_rgb_mmx_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,067,072 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdirectx_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,061,440 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdirect3d_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,057,344 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libblend_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,052,224 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libi420_rgb_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,048,640 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libi420_yuy2_sse2_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,047,104 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libbandlimited_resampler_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,046,592 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libhotkeys_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,046,080 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libi422_yuy2_sse2_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,039,936 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libi420_yuy2_mmx_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,039,424 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfilesystem_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,039,424 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdts_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,038,400 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libi420_yuy2_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,037,888 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libi422_yuy2_mmx_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,037,376 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfake_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,036,352 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libi422_yuy2_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,034,304 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libcdg_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,033,792 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libglobalhotkeys_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,032,768 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libi422_i420_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,032,768 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libgrey_yuv_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,032,768 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,032,256 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,032,256 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,031,744 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll
MOD - [2010.11.13 17:46:40 | 000,031,232 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdrawable_plugin.dll
MOD - [2010.11.13 17:46:38 | 007,065,600 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libavcodec_plugin.dll
MOD - [2010.11.13 17:46:38 | 000,107,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe
MOD - [2010.11.13 17:46:38 | 000,101,376 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlc.dll
MOD - [2010.11.13 17:46:38 | 000,090,112 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libavi_plugin.dll
MOD - [2010.11.13 17:46:38 | 000,090,112 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaccess_bd_plugin.dll
MOD - [2010.11.13 17:46:38 | 000,065,536 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll
MOD - [2010.11.13 17:46:38 | 000,047,104 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaout_directx_plugin.dll
MOD - [2010.11.13 17:46:38 | 000,045,568 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaraw_plugin.dll
MOD - [2010.11.13 17:46:38 | 000,041,472 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaudio_format_plugin.dll
MOD - [2010.11.13 17:46:38 | 000,036,352 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liba52_plugin.dll
MOD - [2010.11.13 17:46:38 | 000,033,280 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaes3_plugin.dll
MOD - [2010.11.13 17:46:38 | 000,030,720 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll
MOD - [2010.11.13 17:46:36 | 002,262,528 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlccore.dll
MOD - [2010.11.05 03:31:00 | 000,037,888 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
MOD - [2010.09.22 21:12:20 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2010.09.16 18:08:04 | 000,247,096 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\CDRecord.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.07.24 14:24:48 | 000,236,048 | ---- | M] () -- C:\Windows\System32\USBPCCamwdm.ax
MOD - [2008.07.24 14:24:40 | 000,219,664 | ---- | M] () -- C:\Windows\System32\USBPCCamspef.ax
MOD - [2008.03.30 16:22:42 | 000,070,144 | ---- | M] () -- C:\Program Files\PSPad editor\PSPadShell.dll
MOD - [2007.03.01 02:02:00 | 000,063,024 | ---- | M] () -- C:\Program Files\Lenovo\LenovoCare\US\LPRESMGR.DLL


========== Win32 Services (SafeList) ==========

SRV - [2011.12.14 13:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011.08.03 19:05:46 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.06.12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.12.19 03:01:14 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.11.05 03:31:00 | 000,075,112 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2010.09.16 17:49:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.19 01:06:00 | 000,814,344 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Corporate.10.0)
SRV - [2009.12.11 12:22:06 | 000,255,336 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2009.12.11 12:22:04 | 000,124,264 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2009.09.21 15:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2009.09.21 15:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2009.07.30 09:25:02 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV - [2009.07.30 09:12:44 | 000,348,160 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV - [2009.07.15 10:18:00 | 000,062,320 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.04.15 17:00:42 | 000,208,896 | R--- | M] () [Auto | Running] -- C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe -- (LFKAS)
SRV - [2009.03.27 17:16:08 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Users\martin\AppData\Local\Temp\{E536F0E2-06D3-43AA-AA2B-D0BE2AD19FA0}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe -- (XYNTService)
SRV - [2009.02.13 16:39:02 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.02.13 15:45:54 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)


========== Driver Services (SafeList) ==========

DRV - [2012.01.11 00:52:21 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9390D2C7-928A-4412-BDDF-89AD8FF2B2E4}\MpKsl0aed4739.sys -- (MpKsl0aed4739)
DRV - [2011.04.27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011.02.11 20:05:43 | 000,033,088 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2011.01.13 14:04:50 | 000,122,992 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2011.01.13 14:02:56 | 000,020,592 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2010.11.22 09:50:19 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.11.05 03:31:00 | 000,011,552 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\TPPWR32V.SYS -- (TPPWRIF)
DRV - [2010.04.12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.09.15 12:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Ovladač adaptéru Intel(R)
DRV - [2009.07.30 09:06:10 | 000,056,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bpenum.sys -- (bpenum) Intel(R)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.06.04 22:44:28 | 000,014,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PuAcpi32.sys -- (MTsensor32)
DRV - [2009.04.29 15:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)
DRV - [2008.09.18 10:14:44 | 000,251,392 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.31 16:12:58 | 000,173,584 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBSTK.sys -- (DCamUSBGene)
DRV - [2008.05.12 18:04:04 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2007.07.24 11:09:04 | 000,013,880 | R--- | M] () [Kernel | Auto | Running] -- C:\Program Files\Lenovo\ATK Hotkey\ASMMAP.sys -- (ASMMAP)
DRV - [2006.11.14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2003.07.19 03:55:06 | 000,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Kernel | Auto | Stopped] -- C:\Windows\System32\MLPTDR_N.SYS -- (MLPTDR_N)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "http://www.google.cz/search?q="
FF - prefs.js..browser.search.defaulturl: "http://www.google.cz/search?q="
FF - prefs.js..browser.search.log: true
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..keyword.URL: "http://www.google.com/search?q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010.12.18 00:20:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.26 20:02:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.23 10:18:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.08.21 11:10:10 | 000,000,000 | ---D | M]

[2011.08.15 19:44:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\martin\AppData\Roaming\Mozilla\Extensions
[2012.01.01 15:16:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\zygybt0k.default\extensions
[2011.09.22 08:49:34 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\zygybt0k.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.12.17 00:15:50 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\zygybt0k.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011.08.31 07:47:04 | 000,002,354 | ---- | M] () -- C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\zygybt0k.default\searchplugins\aol-web-search.xml
[2011.12.29 09:14:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.01.01 15:16:06 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012.01.01 15:16:12 | 000,000,000 | ---D | M] (YouTube Downloader Toolbar) -- C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\FF
[2011.12.26 20:02:17 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.07 14:44:55 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.16 17:05:38 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.10.16 17:05:38 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.16 17:05:38 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.16 17:05:38 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.16 17:05:38 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
CHR - plugin: Java Deployment Toolkit 7.0.0.147 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: 602XML Filler (Enabled) = C:\Program Files\Software602\602XML\Filler\npfiller.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Plugin helper for chrome = C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoobijidemjaoohgggnlhkodhgnnlpob\8.8_0\
CHR - Extension: Skype Click to Call = C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Gmail = C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Launch Backup Service Once] C:\Program Files\Lenovo\Rescue and Recovery\rrstrigger.exe ()
O4 - HKLM..\Run: [LPManager] C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SafeQ Client] C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe (Lenovo Group Limited)
O4 - HKU\S-1-5-21-3063667510-138426626-2304098800-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-3063667510-138426626-2304098800-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3063667510-138426626-2304098800-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.230.16.140 147.230.16.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0EA3249-A262-4AEF-8189-8B7283C0FAB2}: DhcpNameServer = 147.230.16.140 147.230.16.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA88B19E-0936-45E0-B324-A91FDBAF5D68}: DhcpNameServer = 147.230.16.140 147.230.16.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{77105c31-0b62-11e0-bce0-0026185c46af}\Shell - "" = AutoRun
O33 - MountPoints2\{77105c31-0b62-11e0-bce0-0026185c46af}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 7 Days ==========

[2012.01.11 17:56:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.11 17:56:27 | 000,000,000 | ---D | C] -- C:\rsit
[2012.01.10 15:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.01.10 15:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.02.11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.01.11 19:12:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.11 16:29:20 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.11 16:21:17 | 000,667,812 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.01.11 16:21:17 | 000,653,158 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.11 16:21:17 | 000,121,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.11 16:21:16 | 000,140,606 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.01.11 16:19:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.10 15:05:03 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.10 13:46:35 | 000,074,200 | ---- | M] () -- C:\Users\martin\Desktop\retro3.jpg
[2012.01.10 13:46:27 | 000,057,033 | ---- | M] () -- C:\Users\martin\Desktop\retro2.jpg
[2012.01.10 13:46:15 | 000,071,657 | ---- | M] () -- C:\Users\martin\Desktop\retro.jpg
[2012.01.08 12:17:57 | 000,220,875 | ---- | M] () -- C:\Users\martin\Desktop\retrobal12_def.png
[2012.01.08 12:16:28 | 001,921,364 | ---- | M] () -- C:\Users\martin\Desktop\retrobal.jpg
[2012.01.06 20:55:03 | 000,507,283 | ---- | M] () -- C:\Users\martin\Desktop\Screen Shot 2012-01-06 at 20.54.29.png
[2012.01.06 11:22:46 | 000,092,792 | ---- | M] () -- C:\Users\martin\Desktop\PF-2012-A5m.png
[2012.01.06 11:18:30 | 000,283,301 | ---- | M] () -- C:\Users\martin\Desktop\PF-2012-A5.png
[2012.01.06 10:26:49 | 000,015,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.06 10:26:49 | 000,015,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.06 00:45:29 | 2388,631,552 | -HS- | M] () -- C:\hiberfil.sys
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.10 15:05:03 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.10 13:46:37 | 000,074,200 | ---- | C] () -- C:\Users\martin\Desktop\retro3.jpg
[2012.01.10 13:46:30 | 000,057,033 | ---- | C] () -- C:\Users\martin\Desktop\retro2.jpg
[2012.01.10 13:46:21 | 000,071,657 | ---- | C] () -- C:\Users\martin\Desktop\retro.jpg
[2012.01.08 12:17:56 | 000,220,875 | ---- | C] () -- C:\Users\martin\Desktop\retrobal12_def.png
[2012.01.08 12:16:31 | 001,921,364 | ---- | C] () -- C:\Users\martin\Desktop\retrobal.jpg
[2012.01.06 20:54:48 | 000,507,283 | ---- | C] () -- C:\Users\martin\Desktop\Screen Shot 2012-01-06 at 20.54.29.png
[2012.01.06 11:22:45 | 000,092,792 | ---- | C] () -- C:\Users\martin\Desktop\PF-2012-A5m.png
[2012.01.06 11:18:27 | 000,283,301 | ---- | C] () -- C:\Users\martin\Desktop\PF-2012-A5.png
[2011.12.24 16:33:55 | 000,131,101 | ---- | C] () -- C:\Windows\SETUPA3.EXE
[2011.11.26 02:00:29 | 003,969,080 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.11.17 01:31:25 | 000,007,605 | ---- | C] () -- C:\Users\martin\AppData\Local\Resmon.ResmonCfg
[2011.10.19 10:20:00 | 000,011,264 | ---- | C] () -- C:\Windows\System32\KOAZ8JAL.DLL
[2011.09.24 23:52:28 | 000,000,082 | ---- | C] () -- C:\Windows\mafosav.INI
[2011.07.24 14:08:18 | 000,011,264 | ---- | C] () -- C:\Windows\System32\KOAZ8J_L.DLL
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.07 09:09:58 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.07 09:07:24 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.05.28 14:51:06 | 000,024,576 | ---- | C] () -- C:\Windows\UniFISH.exe
[2011.05.08 22:33:58 | 000,000,000 | ---- | C] () -- C:\Users\martin\AppData\Local\{26D4A0A3-1BFE-4E2D-A254-195DBEC253E8}
[2011.03.16 16:21:50 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.03.16 15:49:05 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.03.16 15:49:05 | 000,383,238 | ---- | C] () -- C:\Windows\System32\libmp3lame-0.dll
[2011.03.11 19:12:36 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011.02.09 18:24:40 | 000,000,926 | ---- | C] () -- C:\Windows\eReg.dat
[2011.02.01 17:22:56 | 000,009,216 | ---- | C] () -- C:\Users\martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.28 11:30:55 | 000,000,005 | ---- | C] () -- C:\Program Files\trl.trl
[2011.01.14 23:50:54 | 000,011,521 | ---- | C] () -- C:\Windows\MSUMLT_N.INI
[2011.01.14 13:03:14 | 003,444,224 | ---- | C] () -- C:\Windows\System32\SAFEQVS.DLL
[2011.01.14 13:03:14 | 000,581,120 | ---- | C] () -- C:\Windows\System32\SafeQCairoLib.DLL
[2011.01.14 13:03:14 | 000,133,632 | ---- | C] () -- C:\Windows\System32\SAFEQUI.DLL
[2011.01.08 22:17:10 | 000,006,380 | R--- | C] () -- C:\Program Files\R1381_Cracovia.apk
[2011.01.08 21:54:19 | 000,000,000 | ---- | C] () -- C:\Users\martin\AppData\Roaming\FileOut.cns
[2011.01.08 21:54:19 | 000,000,000 | ---- | C] () -- C:\Users\martin\AppData\Roaming\FileIn.cns
[2010.12.21 22:48:01 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.18 00:55:51 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.12.18 00:11:03 | 000,086,016 | ---- | C] () -- C:\Windows\stk2135bsrv.exe
[2010.12.18 00:05:59 | 000,014,344 | ---- | C] () -- C:\Windows\System32\drivers\PuAcpi32.sys
[2010.12.17 23:56:34 | 000,522,256 | ---- | C] () -- C:\Windows\System32\drivers\USBSTK1.sys
[2010.12.17 23:56:34 | 000,299,920 | ---- | C] () -- C:\Windows\System32\drivers\USBSTK0.sys
[2010.12.17 23:56:34 | 000,145,424 | ---- | C] () -- C:\Windows\System32\drivers\USBSTK2.sys
[2010.12.17 23:56:34 | 000,025,616 | ---- | C] () -- C:\Windows\System32\drivers\USBSTK3.sys
[2010.12.17 23:56:33 | 000,173,584 | ---- | C] () -- C:\Windows\System32\drivers\USBSTK.sys
[2010.12.17 23:56:33 | 000,055,824 | ---- | C] () -- C:\Windows\CamUnist.exe
[2010.08.25 19:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.08.25 19:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.08.25 19:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.08.25 18:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2009.07.30 09:17:12 | 000,002,048 | ---- | C] () -- C:\Windows\System32\EventLogMessages.dll
[2009.07.14 09:44:22 | 000,667,812 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 09:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 09:44:22 | 000,140,606 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 09:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:05:48 | 000,653,158 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,121,370 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.13 23:09:19 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.05.06 19:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2002.08.29 16:33:56 | 000,319,488 | R--- | C] () -- C:\Windows\System32\MafiaSetup.exe
[2002.08.29 16:33:56 | 000,319,488 | R--- | C] () -- C:\Users\martin\AppData\Roaming\MafiaSetup.exe
[1997.06.14 00:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

========== LOP Check ==========

[2011.03.28 21:13:26 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\602Installer
[2011.01.29 12:34:24 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\602XML
[2011.03.30 15:51:32 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\BitTorrent
[2011.04.17 18:33:39 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\Broad Intelligence
[2011.02.24 21:42:49 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\Dipito
[2011.09.07 13:16:46 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\Driller.337915C9AA4759266E5017605C4EE365F9DD7AA0.1
[2012.01.11 19:46:30 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\Dropbox
[2011.12.12 10:40:47 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\FireShot
[2011.02.25 15:17:26 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\GHISLER
[2010.12.18 00:04:21 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\Miranda
[2011.02.09 19:57:03 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\My Games
[2011.08.16 17:05:53 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\Nokia
[2011.08.16 17:05:54 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\Nokia Ovi Suite
[2011.02.01 17:18:55 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\PC Suite
[2011.02.22 20:44:03 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\QIP
[2011.03.28 21:04:23 | 000,000,000 | ---D | M] -- C:\Users\martin\AppData\Roaming\Software602
[2011.08.11 12:25:40 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 11.1.2012 19:54:30 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\martin\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,97 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 43,40% Memory free
5,93 Gb Paging File | 3,97 Gb Available in Paging File | 66,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 62,34 Gb Free Space | 26,78% Space Free | Partition Type: NTFS

Computer Name: MARTIN-NTB | User Name: martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3063667510-138426626-2304098800-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{055B9AD2-48E1-462E-9992-814123063C46}" = Lenovo_ATK_Package
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{061A431C-86E7-4DB4-92B8-36DE783865CF}" = Integrated Camera
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{2F881B56-CBDF-4EC6-A8D2-6412A879C66A}_is1" = AMR Player 1.3
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{402F8EF6-D4F8-4E0C-B572-99D318A06FC7}" = Language Lab Demo
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{6280149E-EFF3-4F1B-BD43-5B7EDD6F620A}" = Lenovo Care Supplement
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A0E7C15-29D9-431D-83B2-20FCFBDB088E}" = STORMWARE POHODA CZ Start
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{750E00B4-A401-468B-904C-89EAA00E69E7}" = STORMWARE POHODA CZ Start
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9652B1F8-F795-46D5-A23F-9C3C41647E51}" = Nokia PC Internet Access
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93E1798-E523-4152-BA23-35DF8A4928ED}" = STORMWARE POHODA CZ Start
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B383F243-0ABC-4E56-AA30-923B8D85076E}" = Rescue and Recovery
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Software Intel(R) PROSet/Wireless WiFi
"{CF52099A-3BEA-4C41-AEA8-1E190F04D737}" = Lenovo Care
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D387C31D-971F-4EEC-8734-382B39AD04F0}" = Software602 Form Filler
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Power Manager
"{DBDE38E7-FD47-E118-2B31-6A88198B2A85}" = Driller
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E5B3A1BA-1FB2-45FF-B314-C1EA7469D4FD}" = STORMWARE POHODA CZ Start
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Corporate Edition
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7C878A0-C727-4A82-A953-7187D0872FB5}" = STORMWARE POHODA CZ Start
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9766AC1-1461-1033-B862-DF8FE1C033BE}" = Adobe InDesign CS5
"{FAE224AF-B15E-448B-88FA-1839A7570CF8}" = Intel® PROSet/Wireless WiMAX Software
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"CCleaner" = CCleaner
"CDisplay_is1" = CDisplay 1.8
"CNXT_AUDIO_HDA" = Conexant HD Audio
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Driller.337915C9AA4759266E5017605C4EE365F9DD7AA0.1" = Driller
"ft_Transport Tycoon Deluxe" = Transport Tycoon Deluxe
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"KONICA MINOLTA PagePro 1300W" = KONICA MINOLTA PagePro 1300W
"LENOVO.SMIIF" = Lenovo System Interface Driver
"Mario Forever v 2.16 !" = Mario Forever v 2.16 !
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Miranda IM" = Miranda IM 0.9.23
"Moje slovíčka_is1" = Moje slovíčka 1.3
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Internet Access" = Nokia PC Internet Access
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OnScreenDisplay" = On Screen Display
"OpenTTD" = OpenTTD 0.6.0
"Power Management Driver" = ThinkPad Power Management Driver for SL Series
"PowerISO" = PowerISO
"ProInst" = Intel PROSet Wireless
"PSPad editor_is1" = PSPad editor
"Replay Media Catcher4" = Applian Director
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StrongDC++" = StrongDC++ 2.41
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.5
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3063667510-138426626-2304098800-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Re: Kontrola logu

Napsal: 11 led 2012 20:29
od vyosek
:arrow: Jste tam nedal skript jak jsem chtel :?:

:arrow: Spustte OTL znovu
  • Kliknete na Nekontrolovat
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi log OTL.txt, dejte jej sem
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz