All icons on the PC changed to Media Player
Posted: 28 Feb 2012 20:08
Please help. After I visited a link that was sent to me, all the icons on the computer changed to the Media Player icon.
Thank you very much in advance for your help.
Logfile of random's system information tool 1.09 (written by random/random)
Run by okay at 2012-02-28 19:11:08
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 29 GB (20%) free of 142 GB
Total RAM: 2813 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:12:08, on 28.2.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\okay\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\okay\STAŽENÉ SOUBORY\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\okay.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 209&m=e620
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 209&m=e620
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.2\EasyGifAnimator_Toolbar.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.2\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
--
End of file - 8553 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\qe1o09g1.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "support@easygifanimator-toolbar.com:1.0, {ecdee021-0d17-467f-a1ff-c7a115230949}:2.7.2.0, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2, engine@conduit.com:3.2.5.2, {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}:1.0, widgetruntime@surfsecret.com:1.0, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1319, avg@igeared:6.103.018.001, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.4.3&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"widgetruntime@surfsecret.com"=C:\Program Files\Panda Security\Panda ID Protect\Firefox
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIBitCometAgent.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
npdeploytk.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\qe1o09g1.default\extensions\
engine@conduit.com
trash
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
{ecdee021-0d17-467f-a1ff-c7a115230949}
C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\qe1o09g1.default\searchplugins\
avg-secure-search.xml
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
winamp-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4401FDC3-7996-4774-8D2B-C1AE9CD6CC25}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96372AB6-15EB-4316-B497-71C741BC548C}]
Easy Gif Animator Toolbar Helper - C:\Program Files\Easy Gif Animator Extension\v3.3.0.2\EasyGifAnimator_Toolbar.dll [2009-07-26 815104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
Panda Security Toolbar - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll [2010-12-19 86696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{35065594-9169-4A34-B167-FC4865038E53} - Easy Gif Animator Toolbar - C:\Program Files\Easy Gif Animator Extension\v3.3.0.2\EasyGifAnimator_Toolbar.dll [2009-07-26 815104]
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Panda Security Toolbar - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll [2010-12-19 86696]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WarReg_PopUp"=C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe [2008-05-09 49152]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-07-03 6266880]
"Skytel"=C:\Windows\Skytel.exe [2008-06-25 1826816]
"eRecoveryService"= []
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"PSUNMain"=C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe [2011-04-28 439616]
"Panda Security URL Filtering"=C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe [2011-06-29 217256]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-02-03 3508624]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-02-03 943504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe [2011-12-24 247968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2011-08-31 40368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.5\ICQ.exe silent loginmode=4 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-07-23 846344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-02-22 1037608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-02-28 19:11:08 ----D---- C:\rsit
2012-02-28 19:11:08 ----D---- C:\Program Files\trend micro
2012-02-16 20:25:35 ----D---- C:\Users\okay\AppData\Roaming\Media Player Classic
2012-02-16 17:06:21 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-16 17:06:20 ----A---- C:\Windows\system32\jscript.dll
2012-02-16 17:06:20 ----A---- C:\Windows\system32\iertutil.dll
2012-02-16 17:06:19 ----A---- C:\Windows\system32\wininet.dll
2012-02-16 17:06:19 ----A---- C:\Windows\system32\jscript9.dll
2012-02-16 17:06:18 ----A---- C:\Windows\system32\url.dll
2012-02-16 17:06:18 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-16 17:06:18 ----A---- C:\Windows\system32\ieui.dll
2012-02-16 17:06:17 ----A---- C:\Windows\system32\mshtml.dll
2012-02-16 17:06:14 ----A---- C:\Windows\system32\urlmon.dll
2012-02-16 17:06:14 ----A---- C:\Windows\system32\ieframe.dll
2012-02-15 17:44:33 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-15 17:44:27 ----A---- C:\Windows\system32\win32k.sys
2012-02-12 18:41:14 ----A---- C:\Windows\system32\WinUSBCoInstaller.dll
2012-02-12 18:41:14 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2012-02-12 18:41:12 ----A---- C:\Windows\system32\drivers\ssudobex.sys
2012-02-12 18:41:11 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2012-02-12 18:41:10 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2012-02-12 18:35:23 ----A---- C:\Windows\system32\drivers\dgderdrv.sys
2012-02-12 18:35:23 ----A---- C:\Windows\system32\DIFxAPI.dll
2012-02-12 18:35:23 ----A---- C:\Windows\system32\dgderapi.dll
2012-02-12 17:24:32 ----A---- C:\Windows\system32\drivers\ss_whnt.sys
2012-02-12 17:24:32 ----A---- C:\Windows\system32\drivers\ss_wh.sys
2012-02-12 17:24:32 ----A---- C:\Windows\system32\drivers\ss_mdm.sys
2012-02-12 17:24:32 ----A---- C:\Windows\system32\drivers\ss_mdfl.sys
2012-02-12 17:24:32 ----A---- C:\Windows\system32\drivers\ss_cmnt.sys
2012-02-12 17:24:32 ----A---- C:\Windows\system32\drivers\ss_cm.sys
2012-02-12 17:24:32 ----A---- C:\Windows\system32\drivers\ss_bus.sys
2012-02-12 17:22:42 ----A---- C:\Windows\system32\FsUsbExService.Exe
2012-02-12 17:22:42 ----A---- C:\Windows\system32\FsUsbExDisk.Sys
2012-02-12 17:22:42 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2012-02-12 17:20:53 ----D---- C:\Program Files\PC Connectivity Solution
2012-02-12 17:18:34 ----D---- C:\Users\okay\AppData\Roaming\Samsung
2012-02-12 17:18:34 ----D---- C:\Program Files\MarkAny
2012-02-12 17:18:33 ----D---- C:\ProgramData\Samsung
2012-02-12 17:18:20 ----D---- C:\Program Files\Samsung
2012-02-12 17:18:09 ----D---- C:\Program Files\Common Files\Samsung
2012-02-12 16:36:27 ----D---- C:\ProgramData\Xerox
2012-01-31 18:15:44 ----A---- C:\Windows\system32\muzwmts.dll
2012-01-31 18:15:44 ----A---- C:\Windows\system32\muzaf1.dll
2012-01-31 18:15:44 ----A---- C:\Windows\system32\MTTELECHIP.dll
2012-01-31 18:15:44 ----A---- C:\Windows\system32\MaXMLProto.dll
2012-01-31 18:15:44 ----A---- C:\Windows\system32\MaJGUILib.dll
2012-01-31 18:15:44 ----A---- C:\Windows\system32\MaDRM.dll
2012-01-31 18:15:44 ----A---- C:\Windows\MusiccityDownload.exe
2012-01-31 18:15:44 ----A---- C:\Windows\MASetupCaller.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\muzapp.exe
2012-01-31 18:15:42 ----A---- C:\Windows\system32\muzapp.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\MTXSYNCICON.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\MSLUR71.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\MSFLib.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\MSCLib.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\MK_Lyric.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\MASetupCleaner.exe
2012-01-31 18:15:42 ----A---- C:\Windows\system32\MAMACExtract.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\MACXMLProto.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\issacapi_se-2.3.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\issacapi_pe-2.3.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\issacapi_bs-2.3.dll
2012-01-31 18:15:42 ----A---- C:\Windows\system32\cis-2.4.dll
2012-01-31 16:45:06 ----A---- C:\Windows\system32\schannel.dll
2012-01-31 16:45:06 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-31 16:45:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-31 16:45:05 ----A---- C:\Windows\system32\winhttp.dll
2012-01-31 16:45:05 ----A---- C:\Windows\system32\secur32.dll
2012-01-31 16:45:05 ----A---- C:\Windows\system32\lsass.exe
======List of files/folders modified in the last 1 month======
2012-02-28 19:11:21 ----D---- C:\Windows\Prefetch
2012-02-28 19:11:13 ----D---- C:\Windows\Temp
2012-02-28 19:11:08 ----RD---- C:\Program Files
2012-02-28 19:06:20 ----D---- C:\Program Files\Mozilla Firefox
2012-02-28 18:51:14 ----D---- C:\Users\okay\AppData\Roaming\Skype
2012-02-28 18:40:15 ----D---- C:\ProgramData\Panda Security URL Filtering
2012-02-28 18:38:51 ----D---- C:\Windows\system32\wbem
2012-02-28 18:38:51 ----D---- C:\Windows
2012-02-28 18:37:49 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-28 18:37:43 ----D---- C:\Windows\winsxs
2012-02-28 18:37:43 ----D---- C:\Windows\Tasks
2012-02-28 18:37:43 ----D---- C:\Windows\system32\spool
2012-02-28 18:37:43 ----D---- C:\Windows\system32\migration
2012-02-28 18:37:43 ----D---- C:\Windows\system32\drivers
2012-02-28 18:37:43 ----D---- C:\Windows\system32\CodeIntegrity
2012-02-28 18:37:43 ----D---- C:\Windows\system32\catroot2
2012-02-28 18:37:43 ----D---- C:\Windows\System32
2012-02-28 18:37:43 ----D---- C:\Windows\inf
2012-02-28 18:37:42 ----D---- C:\Windows\registration
2012-02-28 18:37:42 ----D---- C:\Program Files\Windows Mail
2012-02-28 18:37:42 ----D---- C:\Program Files\Internet Explorer
2012-02-28 18:32:03 ----SHD---- C:\System Volume Information
2012-02-28 17:08:18 ----D---- C:\Users\okay\AppData\Roaming\skypePM
2012-02-18 16:58:38 ----D---- C:\Users\okay\AppData\Roaming\vlc
2012-02-18 16:58:38 ----D---- C:\Users\okay\AppData\Roaming\GHISLER
2012-02-18 16:42:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-16 17:08:47 ----A---- C:\Windows\system32\mrt.exe
2012-02-16 17:06:47 ----D---- C:\Windows\system32\catroot
2012-02-16 17:05:59 ----SHD---- C:\Windows\Installer
2012-02-16 17:05:56 ----SHD---- C:\Config.Msi
2012-02-12 19:14:56 ----SD---- C:\Users\okay\AppData\Roaming\Microsoft
2012-02-12 18:35:17 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-12 17:18:33 ----HD---- C:\ProgramData
2012-02-12 17:18:09 ----D---- C:\Program Files\Common Files
2012-02-11 23:04:14 ----D---- C:\Users\okay\AppData\Roaming\gtk-2.0
2012-01-31 18:15:50 ----A---- C:\Windows\system32\Redemption.dll
2012-01-30 21:05:29 ----D---- C:\Program Files\GIMP-2.0
2012-01-29 05:10:42 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ahcix86s;ahcix86s; C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-08-07 129552]
R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-08 443448]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 PSINKNC;PSINKNC; C:\Windows\system32\DRIVERS\psinknc.sys [2011-04-28 126024]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-23 278984]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-06-11 15392]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-23 25416]
R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [2011-08-01 143624]
R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [2011-04-28 99400]
R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [2011-04-28 111176]
R2 PSINProt;PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [2011-04-28 112712]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-04 3847168]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-01-23 1187320]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-03 2152088]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2006-10-02 10368]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-06-10 123904]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-02-22 198064]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5.SYS [2007-05-23 49904]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-12-08 80184]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2012-01-31 20032]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2011-01-20 36640]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-12-21 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-12-21 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-12-21 123776]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2011-12-08 181432]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2011-12-08 181432]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-04 692224]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 ETService;Empowering Technology Service; C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [2008-06-11 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 NanoServiceMain;Panda Cloud Antivirus Service; C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
-----------------EOF-----------------