VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by Radovan at 2012-03-10 09:58:10
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 76 GB (33%) free of 229 GB
Total RAM: 2039 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:58:25, on 10. 3. 2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radovan\Downloads\RSIT.exe
C:\Program Files\trend micro\Radovan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google Update] "C:\Users\Radovan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: _uninst_97358621.lnk = Radovan\AppData\Local\Temp\_uninst_97358621.bat
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: PHOTOfunSTUDIO HD Edition.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe
O23 - Service: Služba Google Update (gupdate1ca02d86eb20449) (gupdate1ca02d86eb20449) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 12393 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523394027-752184300-1019812113-1006Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523394027-752184300-1019812113-1006UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\rgh9fase.default

prefs.js - "extensions.enabledItems" - "{4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.4, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.1, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3, {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323, langpack-sk@firefox.mozilla.org:3.6.87, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\firefox\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
answers.xml
bing.xml
creativecommons.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\rgh9fase.default\extensions\
langpack-sk@firefox.mozilla.org
{20a82645-c095-46ed-80e3-08825760534b}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\rgh9fase.default\searchplugins\
crawlersrch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2011-03-11 1232520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-25 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-25 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\ctbr.dll [2011-03-11 1232520]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-09-24 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-09-24 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-09-24 129560]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-05-08 331552]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-05-11 472632]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-06-05 71176]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-11-06 177456]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-02-21 1183744]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-12-21 6676808]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-12-15 258512]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]
"Google Update"=C:\Users\Radovan\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
""= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-09-01 966712]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
PHOTOfunSTUDIO HD Edition.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

C:\Users\Radovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
_uninst_97358621.lnk - C:\Users\Radovan\AppData\Local\Temp\_uninst_97358621.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-09 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\Windows\system32\DeviceNP.dll [2007-06-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-08-24 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-08-28 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.iv32"=C:\Windows\system32\ir32_32.dll
"vidc.iv31"=C:\Windows\system32\ir32_32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-03-03 01:23:17 ----SHD---- C:\Config.Msi
2012-02-25 09:25:45 ----A---- C:\Windows\system32\javaws.exe
2012-02-25 09:25:45 ----A---- C:\Windows\system32\javaw.exe
2012-02-25 09:25:45 ----A---- C:\Windows\system32\java.exe
2012-02-16 22:56:12 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-16 22:56:11 ----A---- C:\Windows\system32\jscript.dll
2012-02-16 22:56:11 ----A---- C:\Windows\system32\iertutil.dll
2012-02-16 22:56:10 ----A---- C:\Windows\system32\wininet.dll
2012-02-16 22:56:10 ----A---- C:\Windows\system32\url.dll
2012-02-16 22:56:10 ----A---- C:\Windows\system32\jscript9.dll
2012-02-16 22:56:10 ----A---- C:\Windows\system32\ieui.dll
2012-02-16 22:56:09 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-16 22:56:08 ----A---- C:\Windows\system32\mshtml.dll
2012-02-16 22:56:06 ----A---- C:\Windows\system32\ieframe.dll
2012-02-16 22:56:05 ----A---- C:\Windows\system32\urlmon.dll
2012-02-16 21:40:08 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-16 21:40:06 ----A---- C:\Windows\system32\win32k.sys
2012-02-12 12:03:18 ----D---- C:\Users\Radovan\AppData\Roaming\Avira
2012-02-12 11:57:19 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2012-02-12 11:57:16 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2012-02-12 11:57:16 ----A---- C:\Windows\system32\drivers\avipbb.sys
2012-02-12 11:57:16 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2012-02-12 11:57:14 ----D---- C:\ProgramData\Avira
2012-02-12 11:57:14 ----D---- C:\Program Files\Avira

======List of files/folders modified in the last 1 month======

2012-03-10 09:58:21 ----D---- C:\Windows\Prefetch
2012-03-10 09:58:12 ----D---- C:\Program Files\trend micro
2012-03-10 09:58:11 ----D---- C:\Windows\temp
2012-03-10 09:49:24 ----D---- C:\Windows\System32
2012-03-10 09:49:24 ----D---- C:\Windows\inf
2012-03-10 09:49:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-10 09:47:44 ----D---- C:\Windows\Tasks
2012-03-09 17:15:29 ----SHD---- C:\System Volume Information
2012-03-09 17:06:46 ----D---- C:\ProgramData\Google Updater
2012-03-09 17:03:54 ----D---- C:\Program Files\SUPERAntiSpyware
2012-03-07 19:57:45 ----D---- C:\Program Files\Mozilla Firefox
2012-03-07 19:18:51 ----D---- C:\Program Files\Crawler
2012-03-03 12:26:43 ----D---- C:\Users\Radovan\AppData\Roaming\Media Player Classic
2012-03-03 11:44:30 ----D---- C:\Users\Radovan\AppData\Roaming\Skype
2012-03-03 10:05:05 ----D---- C:\Users\Radovan\AppData\Roaming\skypePM
2012-03-03 07:46:01 ----D---- C:\Windows
2012-03-03 01:38:26 ----SHD---- C:\Windows\Installer
2012-03-03 01:37:52 ----D---- C:\ProgramData\Microsoft Help
2012-03-03 01:37:51 ----RSD---- C:\Windows\assembly
2012-03-03 01:36:21 ----D---- C:\Program Files\Common Files\microsoft shared
2012-03-03 01:35:56 ----D---- C:\Users\Radovan\AppData\Roaming\uTorrent
2012-03-03 01:23:37 ----A---- C:\Windows\win.ini
2012-03-03 01:17:56 ----D---- C:\Windows\Panther
2012-03-03 01:17:56 ----D---- C:\Windows\ModemLogs
2012-03-03 01:17:32 ----D---- C:\Windows\Logs
2012-03-03 01:17:31 ----D---- C:\Windows\Debug
2012-02-29 20:15:54 ----D---- C:\Windows\Microsoft.NET
2012-02-26 16:58:44 ----D---- C:\Program Files\Common Files\Adobe
2012-02-26 16:58:43 ----D---- C:\ProgramData\Adobe
2012-02-25 09:26:22 ----D---- C:\Program Files\Common Files\Java
2012-02-25 09:25:11 ----A---- C:\Windows\system32\deployJava1.dll
2012-02-24 16:50:36 ----D---- C:\Windows\system32\WDI
2012-02-23 09:18:36 ----N---- C:\Windows\system32\MpSigStub.exe
2012-02-19 18:32:00 ----D---- C:\Windows\system32\drivers
2012-02-17 20:35:58 ----D---- C:\Windows\winsxs
2012-02-17 20:02:25 ----D---- C:\Windows\system32\migration
2012-02-17 20:02:25 ----D---- C:\Program Files\Internet Explorer
2012-02-17 20:02:19 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-16 22:57:17 ----A---- C:\Windows\system32\mrt.exe
2012-02-16 22:56:29 ----D---- C:\Windows\system32\catroot
2012-02-16 22:54:55 ----D---- C:\Program Files\Windows Mail
2012-02-16 21:39:28 ----D---- C:\Windows\system32\catroot2
2012-02-12 11:57:14 ----RD---- C:\Program Files
2012-02-12 11:57:14 ----D---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 97358621;97358621; C:\Windows\system32\DRIVERS\97358621.sys [2011-12-21 133208]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-03-21 304920]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-02-16 137416]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-12-15 36000]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-01-17 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-12-19 38616]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-12-19 82400]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-08-28 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2011-08-28 67664]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-12-15 74640]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2008-04-24 309248]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-10-11 1044472]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-05-11 79664]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-05-11 81200]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-05-11 16432]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-05-24 223616]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 1899008]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-10-11 1044472]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 catchme;catchme; \??\C:\Users\Radovan\AppData\Local\Temp\catchme.sys []
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv.sys [2007-06-08 30008]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-03-07 12872]
S3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 128104]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-28 116608]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-02-06 69632]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-04-16 9216]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-12-15 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-12-15 86224]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-23 30312]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2007-06-15 145504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-12-19 1960584]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-06-05 61440]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2007-12-05 144688]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca02d86eb20449;Služba Google Update (gupdate1ca02d86eb20449); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-12 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-12 190448]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\Windows\system32\flcdlock.exe [2007-06-08 172131]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-12 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-22 1010424]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

-----------------EOF-----------------

Zdravim

Na logu se pracuje, bude to nejakou dobu trvat

Tento soubor C:\Windows\system32\DRIVERS\97358621.sys mi radeji otestujte na virustotal, pripadne jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846


Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery bude zde C:\_OTM\MovedFiles\

ten subor na virustotal je negativny.

ten omg log sa asi uplne nepodaril, ale mam dva:


Files moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...


ozvala si pri tomto Hosts Avira a nejak sa to seklo. tak som stlacil po chvilke opat "move it" a dokoncilo sa toto:

All processes killed
Error: Unable to interpret <[RESETHOSTS]> in the current context!
Error: Unable to interpret <[Purity]> in the current context!
Error: Unable to interpret <[EMPTYTEMP]> in the current context!
Error: Unable to interpret <[EMPTYFLASH]> in the current context!

OTM by OldTimer - Version 3.1.19.0 log created on 03102012_231003



Priebezne to do toho praveho pola pisalo viac vysledkov, mam to doplnit o novy RSIT?

Spustte OTM znovu, ale tentokrat v nouzovem rezimu (restartujte pc a mackejte klavesu F8, pripadne zde jiny postup http://forum.viry.cz/viewtopic.php?f=46&t=7554 ). Tam do toho nebude Avira kecat.

Kdyby se vam nedarilo dostat se do NR, zkuste to v normalnim rezimu, ale vypnete Aviru.

All processes killed
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
File/Folder C:\Windows\tasks\Google Software Updater.job not found.
File/Folder C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found.
File/Folder C:\Windows\tasks\GoogleUpdateTaskMachineUA.job not found.
File/Folder C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523394027-752184300-1019812113-1006Core.job not found.
File/Folder C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523394027-752184300-1019812113-1006UA.job not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaMServer not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaOviSuite2 not found.
========== SERVICES/DRIVERS ==========
Error: No service named aswUpdSv was found to stop!
Service\Driver key aswUpdSv not found.
Error: No service named gupdate1ca02d86eb20449 was found to stop!
Service\Driver key gupdate1ca02d86eb20449 not found.
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Radovan
->Temp folder emptied: 2006 bytes
->Temporary Internet Files folder emptied: 2111949 bytes
->Java cache emptied: 21254890 bytes
->FireFox cache emptied: 125226010 bytes
->Google Chrome cache emptied: 419226331 bytes
->Flash cache emptied: 62084 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9004 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 49338696 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 589,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Radovan
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 03112012_091556

Vypada to, ze vse se povedlo uz predtim, protoze v tomto logu OTM pise, ze uz tam nic neni

Dejte mi tedy jeste radeji aktualni log z RSIT a napiste, jak se chova pocitac

PC sa podla mna chova normalne, ale ani predtym som si nevsimol nejake zasadne problemy.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Radovan at 2012-03-11 09:27:19
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 77 GB (33%) free of 229 GB
Total RAM: 2039 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:27:59, on 11. 3. 2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Radovan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radovan\Downloads\RSIT.exe
C:\Program Files\trend micro\Radovan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: _uninst_97358621.lnk = Radovan\AppData\Local\Temp\_uninst_97358621.bat
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: PHOTOfunSTUDIO HD Edition.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9851 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\rgh9fase.default

prefs.js - "extensions.enabledItems" - "{4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.4, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.1, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3, {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323, langpack-sk@firefox.mozilla.org:3.6.87, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\firefox\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
answers.xml
bing.xml
creativecommons.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\rgh9fase.default\extensions\
langpack-sk@firefox.mozilla.org
{20a82645-c095-46ed-80e3-08825760534b}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\rgh9fase.default\searchplugins\
crawlersrch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-25 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-25 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-09-24 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-09-24 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-09-24 129560]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-05-08 331552]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-05-11 472632]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-06-05 71176]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-11-06 177456]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-02-21 1183744]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-12-21 6676808]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-12-15 258512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
PHOTOfunSTUDIO HD Edition.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

C:\Users\Radovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
_uninst_97358621.lnk - C:\Users\Radovan\AppData\Local\Temp\_uninst_97358621.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-09 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\Windows\system32\DeviceNP.dll [2007-06-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-08-24 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-08-28 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.iv32"=C:\Windows\system32\ir32_32.dll
"vidc.iv31"=C:\Windows\system32\ir32_32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-03-11 09:17:24 ----ASH---- C:\hiberfil.sys
2012-03-11 09:12:45 ----A---- C:\Windows\ntbtlog.txt
2012-03-10 23:06:57 ----D---- C:\_OTM
2012-03-03 01:23:17 ----SHD---- C:\Config.Msi
2012-02-25 09:25:45 ----A---- C:\Windows\system32\javaws.exe
2012-02-25 09:25:45 ----A---- C:\Windows\system32\javaw.exe
2012-02-25 09:25:45 ----A---- C:\Windows\system32\java.exe
2012-02-16 22:56:12 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-16 22:56:11 ----A---- C:\Windows\system32\jscript.dll
2012-02-16 22:56:11 ----A---- C:\Windows\system32\iertutil.dll
2012-02-16 22:56:10 ----A---- C:\Windows\system32\wininet.dll
2012-02-16 22:56:10 ----A---- C:\Windows\system32\url.dll
2012-02-16 22:56:10 ----A---- C:\Windows\system32\jscript9.dll
2012-02-16 22:56:10 ----A---- C:\Windows\system32\ieui.dll
2012-02-16 22:56:09 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-16 22:56:08 ----A---- C:\Windows\system32\mshtml.dll
2012-02-16 22:56:06 ----A---- C:\Windows\system32\ieframe.dll
2012-02-16 22:56:05 ----A---- C:\Windows\system32\urlmon.dll
2012-02-16 21:40:08 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-16 21:40:06 ----A---- C:\Windows\system32\win32k.sys
2012-02-12 12:03:18 ----D---- C:\Users\Radovan\AppData\Roaming\Avira
2012-02-12 11:57:19 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2012-02-12 11:57:16 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2012-02-12 11:57:16 ----A---- C:\Windows\system32\drivers\avipbb.sys
2012-02-12 11:57:16 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2012-02-12 11:57:14 ----D---- C:\ProgramData\Avira
2012-02-12 11:57:14 ----D---- C:\Program Files\Avira

======List of files/folders modified in the last 1 month======

2012-03-11 09:27:29 ----D---- C:\Program Files\trend micro
2012-03-11 09:27:19 ----D---- C:\Windows\temp
2012-03-11 09:16:08 ----D---- C:\Windows\system32\drivers\etc
2012-03-11 09:12:45 ----D---- C:\Windows
2012-03-11 01:36:10 ----D---- C:\Windows\Prefetch
2012-03-10 23:10:25 ----D---- C:\Windows\system32\catroot2
2012-03-10 23:07:09 ----D---- C:\Windows\Tasks
2012-03-10 20:53:18 ----D---- C:\ProgramData\Google Updater
2012-03-10 10:05:05 ----D---- C:\Windows\inf
2012-03-10 09:49:24 ----D---- C:\Windows\System32
2012-03-10 09:49:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-09 17:15:29 ----SHD---- C:\System Volume Information
2012-03-09 17:03:54 ----D---- C:\Program Files\SUPERAntiSpyware
2012-03-07 19:57:45 ----D---- C:\Program Files\Mozilla Firefox
2012-03-07 19:18:51 ----D---- C:\Program Files\Crawler
2012-03-03 12:26:43 ----D---- C:\Users\Radovan\AppData\Roaming\Media Player Classic
2012-03-03 11:44:30 ----D---- C:\Users\Radovan\AppData\Roaming\Skype
2012-03-03 10:05:05 ----D---- C:\Users\Radovan\AppData\Roaming\skypePM
2012-03-03 01:38:26 ----SHD---- C:\Windows\Installer
2012-03-03 01:37:52 ----D---- C:\ProgramData\Microsoft Help
2012-03-03 01:37:51 ----RSD---- C:\Windows\assembly
2012-03-03 01:36:21 ----D---- C:\Program Files\Common Files\microsoft shared
2012-03-03 01:35:56 ----D---- C:\Users\Radovan\AppData\Roaming\uTorrent
2012-03-03 01:23:37 ----A---- C:\Windows\win.ini
2012-03-03 01:17:56 ----D---- C:\Windows\Panther
2012-03-03 01:17:56 ----D---- C:\Windows\ModemLogs
2012-03-03 01:17:32 ----D---- C:\Windows\Logs
2012-03-03 01:17:31 ----D---- C:\Windows\Debug
2012-02-29 20:15:54 ----D---- C:\Windows\Microsoft.NET
2012-02-26 16:58:44 ----D---- C:\Program Files\Common Files\Adobe
2012-02-26 16:58:43 ----D---- C:\ProgramData\Adobe
2012-02-25 09:26:22 ----D---- C:\Program Files\Common Files\Java
2012-02-25 09:25:11 ----A---- C:\Windows\system32\deployJava1.dll
2012-02-24 16:50:36 ----D---- C:\Windows\system32\WDI
2012-02-23 09:18:36 ----N---- C:\Windows\system32\MpSigStub.exe
2012-02-19 18:32:00 ----D---- C:\Windows\system32\drivers
2012-02-17 20:35:58 ----D---- C:\Windows\winsxs
2012-02-17 20:02:25 ----D---- C:\Windows\system32\migration
2012-02-17 20:02:25 ----D---- C:\Program Files\Internet Explorer
2012-02-17 20:02:19 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-16 22:57:17 ----A---- C:\Windows\system32\mrt.exe
2012-02-16 22:56:29 ----D---- C:\Windows\system32\catroot
2012-02-16 22:54:55 ----D---- C:\Program Files\Windows Mail
2012-02-12 11:57:14 ----RD---- C:\Program Files
2012-02-12 11:57:14 ----D---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 97358621;97358621; C:\Windows\system32\DRIVERS\97358621.sys [2011-12-21 133208]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-03-21 304920]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-02-16 137416]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-12-15 36000]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-01-17 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-12-19 38616]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-12-19 82400]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-08-28 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2011-08-28 67664]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-12-15 74640]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2008-04-24 309248]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-10-11 1044472]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-05-24 223616]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 1899008]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-10-11 1044472]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-05-11 79664]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-05-11 81200]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-05-11 16432]
S3 catchme;catchme; \??\C:\Users\Radovan\AppData\Local\Temp\catchme.sys []
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv.sys [2007-06-08 30008]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-03-07 12872]
S3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 128104]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-28 116608]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-02-06 69632]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-04-16 9216]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-12-15 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-12-15 86224]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-23 30312]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2007-06-15 145504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-12-19 1960584]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-06-05 61440]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2007-12-05 144688]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\Windows\system32\flcdlock.exe [2007-06-08 172131]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-22 1010424]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

-----------------EOF-----------------

Log vypada v poradku, byly tam jen nejake zbytecnosti, takze jen uklidime

Pokud mate windows Vista nebo windows 7, vsechny tyto programy - vcetne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Stahnete si OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows, takze muzete pouzit take

Muzete defragmentovat disk
Stahnete napriklad program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci


A pokud nebudou problemy, je to vse

Dakujem za pomoc a zelam co najkrajsi zvysok vikendu.

Dekuji za prani, napodobne a nemate zac Mejte se