Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Chrome nepřehraje video
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Chrome nepřehraje video
Zdravím, od včerejška mě trápí docela závažný problém. Chrome nepřehraje žádné video na webu (IE a mozilla také ne). Například na youtube se začne načítat a okamžitě se sekne. PC na nic nereaguje ( alt + F4, ctrl + alt +del)... po chvíli nastane modrá smrt. Tento stav nastane na jakém koliv serveru kde je video. Zkoušel sem odinstalovat flash player i chrom, pc sem nechal projet ccleanerm a znovu naistaloval prohlížeč - žádná změna. Jako antivirák používám Microsoft security essentials, firewall piužívám windowsáckej. Zkoušel jsem i online scaner od esetu, ale ten taky nic nenašel. Načítání stránek trvá trochu déle. Kdyby někdo věděl jak tento problém opravit, tak bych byl moc vděčný . Jinak PC : HP probook 4510s, C2D, 4GB Ram, Ati HD 4330, Win 7 64bit
Předem děkuji za pomoc
Předem děkuji za pomoc
Re: Chrome nepřehraje video
zdravim
1:Vyskusaj najprv toto:
flashplayer
2: Vloz sem log z RSIT
Stiahnes>>RSIT >>logy vloz sem,
napis ci 1-moznost pomohol..
1:Vyskusaj najprv toto:
flashplayer
2: Vloz sem log z RSIT
Stiahnes>>RSIT >>logy vloz sem,
napis ci 1-moznost pomohol..
Re: Chrome nepřehraje video
Tak možnost 1 nepomohla, prohlížeč je sice rychlejší, ale problém přetrvává ..
Dík za rychlou reakci
log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by johny.re at 2011-05-31 19:31:26
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (13%) free of 100 GB
Total RAM: 4060 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:30, on 31.5.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files\trend micro\johny.re.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kb.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10520 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
WLIDSvcM.exe 2156
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\Samsung\PanelMgr\SSMMgr.exe" /autorun
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\Samsung\PanelMgr\caller64.exe Samsung PanelMgr
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {D7B1199A-5699-48A7-A42A-04D40B8F2C3B}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\johny.re\Desktop\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll [2011-05-31 322104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-15 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-05-31 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2011-05-31 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-05-31 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 2096424]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 1436224]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2009-12-09 606208]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-19 336384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2011-05-31 19:31:26 ----D---- C:\rsit
2011-05-31 19:26:13 ----D---- C:\Program Files\trend micro
2011-05-31 17:08:57 ----D---- C:\Program Files (x86)\ICQ7.5
2011-05-31 15:23:59 ----D---- C:\Program Files\Google
2011-05-31 15:23:52 ----D---- C:\ProgramData\Google
2011-05-30 23:29:46 ----D---- C:\Users\johny.re\AppData\Roaming\Malwarebytes
2011-05-30 23:29:09 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-05-30 23:29:08 ----D---- C:\ProgramData\Malwarebytes
2011-05-30 23:29:05 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-05-30 23:29:05 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-05-30 23:06:18 ----D---- C:\ProgramData\ATI
2011-05-30 23:06:15 ----D---- C:\Program Files (x86)\AMD APP
2011-05-30 23:06:05 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiumdmv.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2011-05-30 23:04:01 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2011-05-30 23:04:01 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiumd6v.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiumd6a.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiumd64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiu9p64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atitmm64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atipdl64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atio6axx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atimuixx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atimpc64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiglpxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atig6txx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atig6pxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiesrxx.exe
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiedu64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atieclxx.exe
2011-05-30 23:04:01 ----A---- C:\Windows\system32\ATIDEMGX.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\aticalrt64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\aticaldd64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\aticalcl64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiapfxx.exe
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiadlxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\amdpcom64.dll
2011-05-30 22:31:37 ----D---- C:\Program Files (x86)\HWiNFO32
2011-05-30 19:36:31 ----D---- C:\ProgramData\Skype Extras
2011-05-26 07:58:04 ----D---- C:\Program Files (x86)\Glary Utilities
2011-05-25 07:18:34 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-23 17:00:18 ----A---- C:\Windows\SYSWOW64\adidrm.dll
2011-05-23 17:00:17 ----A---- C:\Windows\SYSWOW64\SFFXComm.dll
2011-05-23 16:59:53 ----D---- C:\ProgramData\SonicFocus
2011-05-23 16:59:52 ----D---- C:\Program Files (x86)\Analog Devices
2011-05-23 16:59:06 ----D---- C:\Users\johny.re\AppData\Roaming\InstallShield
2011-05-23 16:16:13 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-05-23 16:16:13 ----A---- C:\Windows\system32\poqexec.exe
2011-05-23 16:16:06 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-05-23 16:16:06 ----A---- C:\Windows\system32\prevhost.exe
2011-05-21 17:55:21 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-05-21 17:55:21 ----A---- C:\Windows\explorer.exe
2011-05-21 17:55:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-21 17:55:17 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-05-21 17:55:16 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-05-21 17:55:14 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-05-21 17:55:14 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-05-21 17:55:12 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-05-21 17:55:12 ----A---- C:\Windows\system32\XpsPrint.dll
2011-05-14 11:53:28 ----D---- C:\Program Files (x86)\ElcomSoft
2011-05-14 11:47:33 ----D---- C:\Program Files (x86)\Intelore
2011-05-10 22:01:46 ----D---- C:\Program Files (x86)\Cisco Packet Tracer 5.3.2
======List of files/folders modified in the last 1 months======
2011-05-31 19:30:06 ----D---- C:\Windows\Prefetch
2011-05-31 19:27:05 ----D---- C:\Windows\Temp
2011-05-31 19:26:13 ----RD---- C:\Program Files
2011-05-31 19:18:11 ----D---- C:\ProgramData\VMware
2011-05-31 19:13:18 ----D---- C:\Windows\system32\config
2011-05-31 19:07:42 ----D---- C:\Windows\SYSWOW64\Macromed
2011-05-31 19:07:42 ----D---- C:\Windows\SYSWOW64\Adobe
2011-05-31 19:07:20 ----D---- C:\Users\johny.re\AppData\Roaming\ICQ
2011-05-31 19:03:22 ----D---- C:\Windows\tracing
2011-05-31 19:02:18 ----D---- C:\Windows\system32\catroot
2011-05-31 18:59:46 ----D---- C:\Windows\SysWOW64
2011-05-31 18:59:04 ----D---- C:\Users\johny.re\AppData\Roaming\Winamp
2011-05-31 17:09:17 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-31 17:08:57 ----RD---- C:\Program Files (x86)
2011-05-31 15:51:26 ----D---- C:\Windows
2011-05-31 15:36:34 ----D---- C:\Windows\Tasks
2011-05-31 15:36:34 ----D---- C:\Windows\system32\Tasks
2011-05-31 15:27:35 ----HD---- C:\ProgramData
2011-05-31 15:27:32 ----D---- C:\Windows\Downloaded Program Files
2011-05-31 15:24:09 ----SHD---- C:\Windows\Installer
2011-05-31 15:24:01 ----D---- C:\Program Files (x86)\Google
2011-05-31 15:04:35 ----D---- C:\Users\johny.re\AppData\Roaming\Azureus
2011-05-31 15:04:33 ----D---- C:\Windows\debug
2011-05-31 15:01:52 ----D---- C:\Windows\Minidump
2011-05-30 23:29:09 ----D---- C:\Windows\SYSWOW64\drivers
2011-05-30 23:29:05 ----D---- C:\Windows\system32\drivers
2011-05-30 23:09:30 ----D---- C:\Windows\System32
2011-05-30 23:06:05 ----D---- C:\Program Files\Common Files
2011-05-30 23:06:05 ----D---- C:\Program Files (x86)\Common Files
2011-05-30 23:05:51 ----D---- C:\Program Files\ATI Technologies
2011-05-30 23:04:34 ----D---- C:\Windows\inf
2011-05-30 23:04:33 ----D---- C:\Windows\system32\DriverStore
2011-05-30 23:04:33 ----D---- C:\Windows\system32\catroot2
2011-05-30 21:20:24 ----SHD---- C:\System Volume Information
2011-05-30 20:01:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-30 19:47:09 ----D---- C:\Users\johny.re\AppData\Roaming\Skype
2011-05-30 19:35:30 ----RD---- C:\Program Files (x86)\Skype
2011-05-30 19:35:28 ----D---- C:\ProgramData\Skype
2011-05-30 19:34:52 ----D---- C:\Users\johny.re\AppData\Roaming\skypePM
2011-05-30 18:42:24 ----D---- C:\Program Files (x86)\DOSBox-0.74
2011-05-30 18:17:23 ----D---- C:\Windows\LiveKernelReports
2011-05-26 07:59:18 ----D---- C:\Users\johny.re\AppData\Roaming\GlarySoft
2011-05-25 11:21:16 ----D---- C:\Windows\rescache
2011-05-25 07:19:14 ----D---- C:\Windows\winsxs
2011-05-25 07:14:44 ----D---- C:\ProgramData\Landi11-original
2011-05-23 16:38:29 ----D---- C:\SWSetup
2011-05-23 16:17:05 ----D---- C:\Windows\AppPatch
2011-05-23 14:32:50 ----D---- C:\Users\johny.re\AppData\Roaming\Unified Remote
2011-05-21 18:05:15 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-05-21 18:04:31 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2011-05-21 18:02:18 ----RSD---- C:\Windows\assembly
2011-05-21 18:02:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-05-21 18:00:41 ----D---- C:\Windows\registration
2011-05-21 17:56:31 ----D---- C:\ProgramData\Microsoft Help
2011-05-21 17:48:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-05-12 07:07:25 ----D---- C:\Windows\system32\NDF
2011-05-09 17:14:55 ----D---- C:\Program Files (x86)\Unified Remote
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2010-06-15 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-16 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-05-22 28032]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 188928]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2009-10-22 38960]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-13 11576]
R2 vmci;VMware vmci; \??\C:\Windows\system32\drivers\vmci.sys [2009-10-22 80944]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2009-10-22 45104]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2009-10-22 30256]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2009-10-22 68144]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [2009-10-12 32816]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-06-15 41272]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-20 306176]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-08 2769400]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-03-11 96296]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-03-11 134184]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-03-11 36392]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-03-11 21160]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 320560]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2009-10-22 29744]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2007-06-27 63808]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 85320]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 32768]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2009-10-22 20016]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\drivers\WinUSB.SYS [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-20 203776]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-03-02 844328]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-06-15 30520]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 12784]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2009-10-22 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2009-10-22 334384]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2009-10-22 395824]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-08-04 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-04 655624]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-31 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-03-16 167280]
S3 ufad-ws60;VMware Agent Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [2009-10-12 191024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-09 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2007-11-07 4466688]
-----------------EOF-----------------
Dík za rychlou reakci
log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by johny.re at 2011-05-31 19:31:26
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (13%) free of 100 GB
Total RAM: 4060 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:30, on 31.5.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files\trend micro\johny.re.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kb.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10520 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
WLIDSvcM.exe 2156
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\Samsung\PanelMgr\SSMMgr.exe" /autorun
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\Samsung\PanelMgr\caller64.exe Samsung PanelMgr
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {D7B1199A-5699-48A7-A42A-04D40B8F2C3B}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\johny.re\Desktop\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll [2011-05-31 322104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-15 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-05-31 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2011-05-31 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-05-31 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 2096424]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 1436224]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2009-12-09 606208]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-19 336384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2011-05-31 19:31:26 ----D---- C:\rsit
2011-05-31 19:26:13 ----D---- C:\Program Files\trend micro
2011-05-31 17:08:57 ----D---- C:\Program Files (x86)\ICQ7.5
2011-05-31 15:23:59 ----D---- C:\Program Files\Google
2011-05-31 15:23:52 ----D---- C:\ProgramData\Google
2011-05-30 23:29:46 ----D---- C:\Users\johny.re\AppData\Roaming\Malwarebytes
2011-05-30 23:29:09 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-05-30 23:29:08 ----D---- C:\ProgramData\Malwarebytes
2011-05-30 23:29:05 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-05-30 23:29:05 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-05-30 23:06:18 ----D---- C:\ProgramData\ATI
2011-05-30 23:06:15 ----D---- C:\Program Files (x86)\AMD APP
2011-05-30 23:06:05 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiumdmv.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2011-05-30 23:04:01 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2011-05-30 23:04:01 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiumd6v.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiumd6a.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiumd64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiu9p64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atitmm64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atipdl64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atio6axx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atimuixx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atimpc64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiglpxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atig6txx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atig6pxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiesrxx.exe
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiedu64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atieclxx.exe
2011-05-30 23:04:01 ----A---- C:\Windows\system32\ATIDEMGX.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\aticalrt64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\aticaldd64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\aticalcl64.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiapfxx.exe
2011-05-30 23:04:01 ----A---- C:\Windows\system32\atiadlxx.dll
2011-05-30 23:04:01 ----A---- C:\Windows\system32\amdpcom64.dll
2011-05-30 22:31:37 ----D---- C:\Program Files (x86)\HWiNFO32
2011-05-30 19:36:31 ----D---- C:\ProgramData\Skype Extras
2011-05-26 07:58:04 ----D---- C:\Program Files (x86)\Glary Utilities
2011-05-25 07:18:34 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-23 17:00:18 ----A---- C:\Windows\SYSWOW64\adidrm.dll
2011-05-23 17:00:17 ----A---- C:\Windows\SYSWOW64\SFFXComm.dll
2011-05-23 16:59:53 ----D---- C:\ProgramData\SonicFocus
2011-05-23 16:59:52 ----D---- C:\Program Files (x86)\Analog Devices
2011-05-23 16:59:06 ----D---- C:\Users\johny.re\AppData\Roaming\InstallShield
2011-05-23 16:16:13 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-05-23 16:16:13 ----A---- C:\Windows\system32\poqexec.exe
2011-05-23 16:16:06 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-05-23 16:16:06 ----A---- C:\Windows\system32\prevhost.exe
2011-05-21 17:55:21 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-05-21 17:55:21 ----A---- C:\Windows\explorer.exe
2011-05-21 17:55:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-21 17:55:17 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-05-21 17:55:16 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-05-21 17:55:14 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-05-21 17:55:14 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-05-21 17:55:12 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-05-21 17:55:12 ----A---- C:\Windows\system32\XpsPrint.dll
2011-05-14 11:53:28 ----D---- C:\Program Files (x86)\ElcomSoft
2011-05-14 11:47:33 ----D---- C:\Program Files (x86)\Intelore
2011-05-10 22:01:46 ----D---- C:\Program Files (x86)\Cisco Packet Tracer 5.3.2
======List of files/folders modified in the last 1 months======
2011-05-31 19:30:06 ----D---- C:\Windows\Prefetch
2011-05-31 19:27:05 ----D---- C:\Windows\Temp
2011-05-31 19:26:13 ----RD---- C:\Program Files
2011-05-31 19:18:11 ----D---- C:\ProgramData\VMware
2011-05-31 19:13:18 ----D---- C:\Windows\system32\config
2011-05-31 19:07:42 ----D---- C:\Windows\SYSWOW64\Macromed
2011-05-31 19:07:42 ----D---- C:\Windows\SYSWOW64\Adobe
2011-05-31 19:07:20 ----D---- C:\Users\johny.re\AppData\Roaming\ICQ
2011-05-31 19:03:22 ----D---- C:\Windows\tracing
2011-05-31 19:02:18 ----D---- C:\Windows\system32\catroot
2011-05-31 18:59:46 ----D---- C:\Windows\SysWOW64
2011-05-31 18:59:04 ----D---- C:\Users\johny.re\AppData\Roaming\Winamp
2011-05-31 17:09:17 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-31 17:08:57 ----RD---- C:\Program Files (x86)
2011-05-31 15:51:26 ----D---- C:\Windows
2011-05-31 15:36:34 ----D---- C:\Windows\Tasks
2011-05-31 15:36:34 ----D---- C:\Windows\system32\Tasks
2011-05-31 15:27:35 ----HD---- C:\ProgramData
2011-05-31 15:27:32 ----D---- C:\Windows\Downloaded Program Files
2011-05-31 15:24:09 ----SHD---- C:\Windows\Installer
2011-05-31 15:24:01 ----D---- C:\Program Files (x86)\Google
2011-05-31 15:04:35 ----D---- C:\Users\johny.re\AppData\Roaming\Azureus
2011-05-31 15:04:33 ----D---- C:\Windows\debug
2011-05-31 15:01:52 ----D---- C:\Windows\Minidump
2011-05-30 23:29:09 ----D---- C:\Windows\SYSWOW64\drivers
2011-05-30 23:29:05 ----D---- C:\Windows\system32\drivers
2011-05-30 23:09:30 ----D---- C:\Windows\System32
2011-05-30 23:06:05 ----D---- C:\Program Files\Common Files
2011-05-30 23:06:05 ----D---- C:\Program Files (x86)\Common Files
2011-05-30 23:05:51 ----D---- C:\Program Files\ATI Technologies
2011-05-30 23:04:34 ----D---- C:\Windows\inf
2011-05-30 23:04:33 ----D---- C:\Windows\system32\DriverStore
2011-05-30 23:04:33 ----D---- C:\Windows\system32\catroot2
2011-05-30 21:20:24 ----SHD---- C:\System Volume Information
2011-05-30 20:01:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-30 19:47:09 ----D---- C:\Users\johny.re\AppData\Roaming\Skype
2011-05-30 19:35:30 ----RD---- C:\Program Files (x86)\Skype
2011-05-30 19:35:28 ----D---- C:\ProgramData\Skype
2011-05-30 19:34:52 ----D---- C:\Users\johny.re\AppData\Roaming\skypePM
2011-05-30 18:42:24 ----D---- C:\Program Files (x86)\DOSBox-0.74
2011-05-30 18:17:23 ----D---- C:\Windows\LiveKernelReports
2011-05-26 07:59:18 ----D---- C:\Users\johny.re\AppData\Roaming\GlarySoft
2011-05-25 11:21:16 ----D---- C:\Windows\rescache
2011-05-25 07:19:14 ----D---- C:\Windows\winsxs
2011-05-25 07:14:44 ----D---- C:\ProgramData\Landi11-original
2011-05-23 16:38:29 ----D---- C:\SWSetup
2011-05-23 16:17:05 ----D---- C:\Windows\AppPatch
2011-05-23 14:32:50 ----D---- C:\Users\johny.re\AppData\Roaming\Unified Remote
2011-05-21 18:05:15 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-05-21 18:04:31 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2011-05-21 18:02:18 ----RSD---- C:\Windows\assembly
2011-05-21 18:02:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-05-21 18:00:41 ----D---- C:\Windows\registration
2011-05-21 17:56:31 ----D---- C:\ProgramData\Microsoft Help
2011-05-21 17:48:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-05-12 07:07:25 ----D---- C:\Windows\system32\NDF
2011-05-09 17:14:55 ----D---- C:\Program Files (x86)\Unified Remote
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2010-06-15 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-16 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-05-22 28032]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 188928]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2009-10-22 38960]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-13 11576]
R2 vmci;VMware vmci; \??\C:\Windows\system32\drivers\vmci.sys [2009-10-22 80944]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2009-10-22 45104]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2009-10-22 30256]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2009-10-22 68144]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [2009-10-12 32816]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-06-15 41272]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-20 306176]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-08 2769400]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-03-11 96296]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-03-11 134184]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-03-11 36392]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-03-11 21160]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 320560]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2009-10-22 29744]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2007-06-27 63808]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 85320]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 32768]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2009-10-22 20016]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\drivers\WinUSB.SYS [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-20 203776]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-03-02 844328]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-06-15 30520]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 12784]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2009-10-22 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2009-10-22 334384]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2009-10-22 395824]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-08-04 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-04 655624]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-31 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-03-16 167280]
S3 ufad-ws60;VMware Agent Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [2009-10-12 191024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-09 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2007-11-07 4466688]
-----------------EOF-----------------
Re: Chrome nepřehraje video
Stiahnite si prosím TDSSKiller a uložte ho na plochu.
2x-klik na TDSSKiller.exe- spustiť aplikáciu, potom na Spustiť kontrolu-klik- Start Scan.
Ak je infikovaný súbor detekovaný, bude predvolená akcia Cure, kliknite na tlačidlo Continue.
Ak podozrivý[suspicious] súbor je detekovaný, bude predvolená akcia Skip, kliknite na Continue.
Môže vás požiadať, aby ste reštartovali počítač na dokončenie procesu. Kliknite na Reboot Now.
Ak nevyžaduje reštart, kliknite na tlačidlo Report. Log súbor by sa mal objaviť. Prosím, skopírujte a vložte obsah súboru tu.
Ak je vyžadované reštartovanie počítača, správa je k dispozícii vo vašom koreňovom adresári (zvyčajne C:\ zložka) vo forme "TDSSKiller. _log.txt". Prosím, skopírujte a vložte obsah súboru tu.
PROSIM CITAJTE POZORNE NAVOD!!!,
Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.
2x-klik na TDSSKiller.exe- spustiť aplikáciu, potom na Spustiť kontrolu-klik- Start Scan.
Ak je infikovaný súbor detekovaný, bude predvolená akcia Cure, kliknite na tlačidlo Continue.
Ak podozrivý[suspicious] súbor je detekovaný, bude predvolená akcia Skip, kliknite na Continue.
Môže vás požiadať, aby ste reštartovali počítač na dokončenie procesu. Kliknite na Reboot Now.
Ak nevyžaduje reštart, kliknite na tlačidlo Report. Log súbor by sa mal objaviť. Prosím, skopírujte a vložte obsah súboru tu.
Ak je vyžadované reštartovanie počítača, správa je k dispozícii vo vašom koreňovom adresári (zvyčajne C:\ zložka) vo forme "TDSSKiller. _log.txt". Prosím, skopírujte a vložte obsah súboru tu.
PROSIM CITAJTE POZORNE NAVOD!!!,
Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.
Re: Chrome nepřehraje video
zde log z TDSSKilleru:
2011/05/31 19:59:52.0282 4948 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/05/31 19:59:52.0345 4948 ================================================================================
2011/05/31 19:59:52.0345 4948 SystemInfo:
2011/05/31 19:59:52.0345 4948
2011/05/31 19:59:52.0345 4948 OS Version: 6.1.7601 ServicePack: 1.0
2011/05/31 19:59:52.0345 4948 Product type: Workstation
2011/05/31 19:59:52.0345 4948 ComputerName: JOHNYRE-NTB
2011/05/31 19:59:52.0345 4948 UserName: johny.re
2011/05/31 19:59:52.0345 4948 Windows directory: C:\Windows
2011/05/31 19:59:52.0345 4948 System windows directory: C:\Windows
2011/05/31 19:59:52.0345 4948 Running under WOW64
2011/05/31 19:59:52.0345 4948 Processor architecture: Intel x64
2011/05/31 19:59:52.0345 4948 Number of processors: 2
2011/05/31 19:59:52.0345 4948 Page size: 0x1000
2011/05/31 19:59:52.0345 4948 Boot type: Normal boot
2011/05/31 19:59:52.0345 4948 ================================================================================
2011/05/31 19:59:53.0437 4948 Initialize success
2011/05/31 20:00:00.0956 4832 ================================================================================
2011/05/31 20:00:00.0956 4832 Scan started
2011/05/31 20:00:00.0956 4832 Mode: Manual;
2011/05/31 20:00:00.0956 4832 ================================================================================
2011/05/31 20:00:02.0235 4832 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/05/31 20:00:02.0282 4832 Accelerometer (5aa055fe5ae506e19e9a8f537756ee10) C:\Windows\system32\DRIVERS\Accelerometer.sys
2011/05/31 20:00:02.0313 4832 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/05/31 20:00:02.0360 4832 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/05/31 20:00:02.0422 4832 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
2011/05/31 20:00:02.0500 4832 ADIHdAudAddService (560649e6a9c11f6124f97310ef387c45) C:\Windows\system32\drivers\ADIHdAud.sys
2011/05/31 20:00:02.0594 4832 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/05/31 20:00:02.0641 4832 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/05/31 20:00:02.0672 4832 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/05/31 20:00:02.0765 4832 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\Windows\system32\drivers\afd.sys
2011/05/31 20:00:02.0828 4832 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
2011/05/31 20:00:02.0890 4832 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/05/31 20:00:02.0953 4832 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/05/31 20:00:02.0999 4832 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/05/31 20:00:03.0046 4832 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/05/31 20:00:03.0296 4832 amdkmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/31 20:00:03.0670 4832 amdkmdap (6b4e9261b613b047a9a145f328889968) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/05/31 20:00:03.0764 4832 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/05/31 20:00:03.0811 4832 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
2011/05/31 20:00:03.0842 4832 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/05/31 20:00:03.0873 4832 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
2011/05/31 20:00:03.0920 4832 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/05/31 20:00:03.0998 4832 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/05/31 20:00:04.0013 4832 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/05/31 20:00:04.0060 4832 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/31 20:00:04.0107 4832 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/05/31 20:00:04.0154 4832 AtiHdmiService (3b9014fb7ce9e20fd726321c7db7d8b0) C:\Windows\system32\drivers\AtiHdmi.sys
2011/05/31 20:00:04.0372 4832 atikmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/31 20:00:04.0497 4832 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/05/31 20:00:04.0544 4832 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/05/31 20:00:04.0653 4832 BCM43XX (fb4fda64f2e8552eaeb5986c3f34462c) C:\Windows\system32\DRIVERS\bcmwl664.sys
2011/05/31 20:00:04.0700 4832 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/05/31 20:00:04.0762 4832 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/05/31 20:00:04.0809 4832 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/31 20:00:04.0856 4832 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/05/31 20:00:04.0871 4832 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/05/31 20:00:04.0903 4832 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/05/31 20:00:04.0934 4832 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/05/31 20:00:04.0965 4832 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/05/31 20:00:04.0981 4832 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/05/31 20:00:05.0043 4832 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
2011/05/31 20:00:05.0074 4832 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/05/31 20:00:05.0105 4832 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
2011/05/31 20:00:05.0168 4832 BTHPORT (0d25b6d300ba26a5f2c3b2a8e96b158b) C:\Windows\system32\Drivers\BTHport.sys
2011/05/31 20:00:05.0230 4832 BTHUSB (1f9912f8ec5bfa53432e71e150636a8a) C:\Windows\system32\Drivers\BTHUSB.sys
2011/05/31 20:00:05.0261 4832 btwaudio (1abd26de34d3a5e346e96d721c0d67f8) C:\Windows\system32\drivers\btwaudio.sys
2011/05/31 20:00:05.0308 4832 btwavdt (3081d3213a3d2df2f3e7bbd816c17225) C:\Windows\system32\DRIVERS\btwavdt.sys
2011/05/31 20:00:05.0371 4832 btwl2cap (0037cb116097e8e0ea77f3b13c50ff1e) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/05/31 20:00:05.0402 4832 btwrchid (6921ad2faf1cb24b2ffc78104721d506) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/05/31 20:00:05.0433 4832 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/31 20:00:05.0495 4832 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/05/31 20:00:05.0558 4832 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/05/31 20:00:05.0620 4832 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/05/31 20:00:05.0698 4832 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/31 20:00:05.0729 4832 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/05/31 20:00:05.0792 4832 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/05/31 20:00:05.0807 4832 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/31 20:00:05.0885 4832 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/05/31 20:00:05.0932 4832 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/05/31 20:00:05.0995 4832 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
2011/05/31 20:00:06.0073 4832 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/05/31 20:00:06.0135 4832 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/05/31 20:00:06.0182 4832 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/05/31 20:00:06.0229 4832 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/05/31 20:00:06.0291 4832 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/31 20:00:06.0400 4832 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/05/31 20:00:06.0541 4832 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/05/31 20:00:06.0587 4832 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/05/31 20:00:06.0650 4832 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/05/31 20:00:06.0681 4832 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/05/31 20:00:06.0712 4832 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/31 20:00:06.0743 4832 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/05/31 20:00:06.0775 4832 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/05/31 20:00:06.0821 4832 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/31 20:00:06.0868 4832 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/05/31 20:00:06.0899 4832 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/05/31 20:00:06.0931 4832 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/31 20:00:06.0977 4832 FTDIBUS (54891a87ba8dbfac580a3d256f4d2ceb) C:\Windows\system32\drivers\ftdibus.sys
2011/05/31 20:00:07.0009 4832 FTSER2K (9980e7584484a009e77e9bfa14c0c18a) C:\Windows\system32\drivers\ftser2k.sys
2011/05/31 20:00:07.0102 4832 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/05/31 20:00:07.0149 4832 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/05/31 20:00:07.0243 4832 hcmon (8cdad7b707ddd77d45588f74d59c9aff) C:\Windows\system32\drivers\hcmon.sys
2011/05/31 20:00:07.0289 4832 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/05/31 20:00:07.0352 4832 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/05/31 20:00:07.0383 4832 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/05/31 20:00:07.0414 4832 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/05/31 20:00:07.0461 4832 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/05/31 20:00:07.0477 4832 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/05/31 20:00:07.0539 4832 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
2011/05/31 20:00:07.0617 4832 hpdskflt (0ac88fbe4bf315f5f8fd862426c11540) C:\Windows\system32\DRIVERS\hpdskflt.sys
2011/05/31 20:00:07.0679 4832 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/05/31 20:00:07.0726 4832 HTCAND64 (cf44b25ae808765d7308f412ad492ddb) C:\Windows\system32\Drivers\ANDROIDUSB.sys
2011/05/31 20:00:07.0789 4832 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/05/31 20:00:07.0898 4832 HWiNFO32 (17eff7b20f4d110baec9652f126a8379) C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS
2011/05/31 20:00:08.0007 4832 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/05/31 20:00:08.0069 4832 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/05/31 20:00:08.0132 4832 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
2011/05/31 20:00:08.0257 4832 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/05/31 20:00:08.0303 4832 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/05/31 20:00:08.0335 4832 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/31 20:00:08.0381 4832 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/05/31 20:00:08.0413 4832 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/05/31 20:00:08.0459 4832 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/05/31 20:00:08.0475 4832 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/05/31 20:00:08.0506 4832 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/05/31 20:00:08.0537 4832 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/05/31 20:00:08.0584 4832 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/31 20:00:08.0631 4832 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/05/31 20:00:08.0678 4832 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/31 20:00:08.0725 4832 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/05/31 20:00:08.0756 4832 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/05/31 20:00:08.0834 4832 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/31 20:00:08.0896 4832 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/05/31 20:00:08.0927 4832 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/05/31 20:00:08.0959 4832 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/05/31 20:00:08.0990 4832 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/05/31 20:00:09.0021 4832 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/05/31 20:00:09.0052 4832 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/05/31 20:00:09.0099 4832 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/05/31 20:00:09.0130 4832 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/05/31 20:00:09.0161 4832 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/31 20:00:09.0193 4832 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/05/31 20:00:09.0208 4832 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/05/31 20:00:09.0271 4832 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/05/31 20:00:09.0333 4832 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/05/31 20:00:09.0364 4832 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/05/31 20:00:09.0411 4832 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/05/31 20:00:09.0458 4832 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/31 20:00:09.0505 4832 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/05/31 20:00:09.0536 4832 mrxsmb (c2b4651001a867ff3f8865863b592991) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/31 20:00:09.0583 4832 mrxsmb10 (7e79946afc5f799ab62982282be5ac13) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/31 20:00:09.0629 4832 mrxsmb20 (5fb954100cea2bfec6446fbbecaa3f79) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/31 20:00:09.0676 4832 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/05/31 20:00:09.0707 4832 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/05/31 20:00:09.0770 4832 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/05/31 20:00:09.0801 4832 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/05/31 20:00:09.0817 4832 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/05/31 20:00:09.0879 4832 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/31 20:00:09.0941 4832 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/31 20:00:09.0973 4832 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/05/31 20:00:10.0004 4832 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/05/31 20:00:10.0051 4832 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/05/31 20:00:10.0129 4832 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/05/31 20:00:10.0160 4832 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/05/31 20:00:10.0191 4832 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/05/31 20:00:10.0253 4832 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/31 20:00:10.0331 4832 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/05/31 20:00:10.0394 4832 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/05/31 20:00:10.0425 4832 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/31 20:00:10.0456 4832 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/31 20:00:10.0503 4832 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/31 20:00:10.0534 4832 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/05/31 20:00:10.0565 4832 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/31 20:00:10.0612 4832 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/31 20:00:10.0690 4832 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/05/31 20:00:10.0737 4832 NisDrv (3713e8452b88d3e0be095e06b6fbc776) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/05/31 20:00:10.0831 4832 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
2011/05/31 20:00:10.0877 4832 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/05/31 20:00:10.0909 4832 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/31 20:00:10.0971 4832 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
2011/05/31 20:00:11.0033 4832 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/05/31 20:00:11.0096 4832 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
2011/05/31 20:00:11.0127 4832 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
2011/05/31 20:00:11.0158 4832 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/05/31 20:00:11.0236 4832 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/05/31 20:00:11.0299 4832 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/05/31 20:00:11.0330 4832 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/05/31 20:00:11.0361 4832 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/05/31 20:00:11.0392 4832 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/05/31 20:00:11.0423 4832 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/05/31 20:00:11.0455 4832 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/05/31 20:00:11.0486 4832 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/05/31 20:00:11.0626 4832 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/31 20:00:11.0642 4832 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/05/31 20:00:11.0704 4832 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/31 20:00:11.0751 4832 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/05/31 20:00:11.0813 4832 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/05/31 20:00:11.0845 4832 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/31 20:00:11.0891 4832 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/31 20:00:11.0938 4832 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/05/31 20:00:11.0985 4832 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/31 20:00:12.0001 4832 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/31 20:00:12.0032 4832 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/31 20:00:12.0079 4832 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/31 20:00:12.0110 4832 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/05/31 20:00:12.0125 4832 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/31 20:00:12.0172 4832 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
2011/05/31 20:00:12.0219 4832 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/31 20:00:12.0235 4832 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/05/31 20:00:12.0313 4832 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
2011/05/31 20:00:12.0359 4832 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/05/31 20:00:12.0422 4832 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/05/31 20:00:12.0500 4832 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/05/31 20:00:12.0562 4832 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/31 20:00:12.0609 4832 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
2011/05/31 20:00:12.0671 4832 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/05/31 20:00:12.0718 4832 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/05/31 20:00:12.0781 4832 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/05/31 20:00:12.0812 4832 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/05/31 20:00:12.0859 4832 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/05/31 20:00:12.0905 4832 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/05/31 20:00:12.0968 4832 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/05/31 20:00:12.0999 4832 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/05/31 20:00:13.0030 4832 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/05/31 20:00:13.0046 4832 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/31 20:00:13.0093 4832 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/05/31 20:00:13.0124 4832 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/05/31 20:00:13.0155 4832 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/05/31 20:00:13.0186 4832 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/05/31 20:00:13.0264 4832 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/05/31 20:00:13.0264 4832 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/05/31 20:00:13.0264 4832 sptd - detected LockedFile.Multi.Generic (1)
2011/05/31 20:00:13.0358 4832 srv (65bbf4920148c2ee279055da7228fc7b) C:\Windows\system32\DRIVERS\srv.sys
2011/05/31 20:00:13.0389 4832 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/31 20:00:13.0451 4832 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/31 20:00:13.0483 4832 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
2011/05/31 20:00:13.0545 4832 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/05/31 20:00:13.0592 4832 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
2011/05/31 20:00:13.0607 4832 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
2011/05/31 20:00:13.0623 4832 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/05/31 20:00:13.0732 4832 SynTP (3a706a967295e16511e40842b1a2761d) C:\Windows\system32\DRIVERS\SynTP.sys
2011/05/31 20:00:13.0841 4832 Tcpip (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\drivers\tcpip.sys
2011/05/31 20:00:13.0951 4832 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/05/31 20:00:13.0997 4832 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/05/31 20:00:14.0044 4832 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/05/31 20:00:14.0060 4832 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/05/31 20:00:14.0107 4832 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/05/31 20:00:14.0153 4832 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/05/31 20:00:14.0231 4832 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/05/31 20:00:14.0263 4832 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/05/31 20:00:14.0341 4832 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/05/31 20:00:14.0387 4832 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/05/31 20:00:14.0434 4832 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/05/31 20:00:14.0512 4832 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/05/31 20:00:14.0543 4832 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/05/31 20:00:14.0559 4832 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/05/31 20:00:14.0621 4832 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
2011/05/31 20:00:14.0653 4832 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/05/31 20:00:14.0699 4832 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/05/31 20:00:14.0715 4832 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
2011/05/31 20:00:14.0777 4832 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
2011/05/31 20:00:14.0793 4832 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/05/31 20:00:14.0840 4832 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/05/31 20:00:14.0887 4832 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/05/31 20:00:14.0902 4832 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/05/31 20:00:14.0965 4832 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
2011/05/31 20:00:15.0027 4832 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
2011/05/31 20:00:15.0089 4832 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/05/31 20:00:15.0136 4832 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/05/31 20:00:15.0167 4832 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/05/31 20:00:15.0230 4832 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/05/31 20:00:15.0292 4832 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/05/31 20:00:15.0323 4832 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
2011/05/31 20:00:15.0370 4832 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
2011/05/31 20:00:15.0417 4832 vmci (cdaa992c18f3f3612444c818a478cf57) C:\Windows\system32\drivers\vmci.sys
2011/05/31 20:00:15.0448 4832 vmkbd (ea9c266cd4b4bb7c7d818c1c27461959) C:\Windows\system32\drivers\VMkbd.sys
2011/05/31 20:00:15.0479 4832 VMnetAdapter (9d54f1339e78c95bf3d9939ebcb66378) C:\Windows\system32\DRIVERS\vmnetadapter.sys
2011/05/31 20:00:15.0511 4832 VMnetBridge (fb54ef3aa613d2832fd3812e7cb2fc75) C:\Windows\system32\DRIVERS\vmnetbridge.sys
2011/05/31 20:00:15.0542 4832 VMnetuserif (479948eb42e189c076b45ebaf2d12bbc) C:\Windows\system32\drivers\vmnetuserif.sys
2011/05/31 20:00:15.0604 4832 vmx86 (05645d6651ca7a02298aae475bbcad6e) C:\Windows\system32\drivers\vmx86.sys
2011/05/31 20:00:15.0635 4832 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/05/31 20:00:15.0682 4832 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/05/31 20:00:15.0745 4832 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/05/31 20:00:15.0791 4832 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
2011/05/31 20:00:15.0823 4832 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
2011/05/31 20:00:15.0869 4832 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
2011/05/31 20:00:15.0916 4832 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
2011/05/31 20:00:15.0979 4832 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/05/31 20:00:16.0072 4832 vstor2-ws60 (69f57e89e6ebc5012d210527af005a70) C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
2011/05/31 20:00:16.0088 4832 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/05/31 20:00:16.0135 4832 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/05/31 20:00:16.0166 4832 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/05/31 20:00:16.0213 4832 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/05/31 20:00:16.0259 4832 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/31 20:00:16.0275 4832 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/31 20:00:16.0415 4832 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/05/31 20:00:16.0462 4832 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/31 20:00:16.0540 4832 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/05/31 20:00:16.0571 4832 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/05/31 20:00:16.0665 4832 WINUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\drivers\WinUSB.SYS
2011/05/31 20:00:16.0712 4832 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/05/31 20:00:16.0790 4832 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/31 20:00:16.0852 4832 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/05/31 20:00:16.0883 4832 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/31 20:00:16.0961 4832 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
2011/05/31 20:00:17.0039 4832 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/05/31 20:00:17.0055 4832 ================================================================================
2011/05/31 20:00:17.0055 4832 Scan finished
2011/05/31 20:00:17.0055 4832 ================================================================================
2011/05/31 20:00:17.0055 4640 Detected object count: 1
2011/05/31 20:00:17.0055 4640 Actual detected object count: 1
2011/05/31 20:00:29.0145 4640 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/05/31 20:01:28.0924 4436 Deinitialize success
a zde log z combofixu:
ComboFix 11-05-31.01 - johny.re 31.05.2011 20:14:16.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4060.2681 [GMT 2:00]
Spuštěný z: c:\users\johny.re\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\ST6UNST.000
c:\windows\SysWow64\html
c:\windows\SysWow64\html\calendar.html
c:\windows\SysWow64\html\calendarbottom.html
c:\windows\SysWow64\html\calendartop.html
c:\windows\SysWow64\html\crystalexportdialog.htm
c:\windows\SysWow64\html\crystalprinthost.html
c:\windows\SysWow64\images
c:\windows\SysWow64\images\toolbar\calendar.gif
c:\windows\SysWow64\images\toolbar\crlogo.gif
c:\windows\SysWow64\images\toolbar\export.gif
c:\windows\SysWow64\images\toolbar\export_over.gif
c:\windows\SysWow64\images\toolbar\exportd.gif
c:\windows\SysWow64\images\toolbar\First.gif
c:\windows\SysWow64\images\toolbar\first_over.gif
c:\windows\SysWow64\images\toolbar\Firstd.gif
c:\windows\SysWow64\images\toolbar\gotopage.gif
c:\windows\SysWow64\images\toolbar\gotopage_over.gif
c:\windows\SysWow64\images\toolbar\gotopaged.gif
c:\windows\SysWow64\images\toolbar\grouptree.gif
c:\windows\SysWow64\images\toolbar\grouptree_over.gif
c:\windows\SysWow64\images\toolbar\grouptreed.gif
c:\windows\SysWow64\images\toolbar\grouptreepressed.gif
c:\windows\SysWow64\images\toolbar\Last.gif
c:\windows\SysWow64\images\toolbar\last_over.gif
c:\windows\SysWow64\images\toolbar\Lastd.gif
c:\windows\SysWow64\images\toolbar\Next.gif
c:\windows\SysWow64\images\toolbar\next_over.gif
c:\windows\SysWow64\images\toolbar\Nextd.gif
c:\windows\SysWow64\images\toolbar\Prev.gif
c:\windows\SysWow64\images\toolbar\prev_over.gif
c:\windows\SysWow64\images\toolbar\Prevd.gif
c:\windows\SysWow64\images\toolbar\print.gif
c:\windows\SysWow64\images\toolbar\print_over.gif
c:\windows\SysWow64\images\toolbar\printd.gif
c:\windows\SysWow64\images\toolbar\Refresh.gif
c:\windows\SysWow64\images\toolbar\refresh_over.gif
c:\windows\SysWow64\images\toolbar\refreshd.gif
c:\windows\SysWow64\images\toolbar\Search.gif
c:\windows\SysWow64\images\toolbar\search_over.gif
c:\windows\SysWow64\images\toolbar\searchd.gif
c:\windows\SysWow64\images\toolbar\up.gif
c:\windows\SysWow64\images\toolbar\up_over.gif
c:\windows\SysWow64\images\toolbar\upd.gif
c:\windows\SysWow64\images\tree\begindots.gif
c:\windows\SysWow64\images\tree\beginminus.gif
c:\windows\SysWow64\images\tree\beginplus.gif
c:\windows\SysWow64\images\tree\blank.gif
c:\windows\SysWow64\images\tree\blankdots.gif
c:\windows\SysWow64\images\tree\dots.gif
c:\windows\SysWow64\images\tree\lastdots.gif
c:\windows\SysWow64\images\tree\lastminus.gif
c:\windows\SysWow64\images\tree\lastplus.gif
c:\windows\SysWow64\images\tree\Magnify.gif
c:\windows\SysWow64\images\tree\minus.gif
c:\windows\SysWow64\images\tree\minusbox.gif
c:\windows\SysWow64\images\tree\plus.gif
c:\windows\SysWow64\images\tree\plusbox.gif
c:\windows\SysWow64\images\tree\singleminus.gif
c:\windows\SysWow64\images\tree\singleplus.gif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-28 do 2011-05-31 )))))))))))))))))))))))))))))))
.
.
2011-05-31 18:20 . 2011-05-31 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-31 18:10 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2AE91B73-6DD7-4B2F-BF71-B7DAE9DAC4F4}\mpengine.dll
2011-05-31 17:31 . 2011-05-31 17:31 -------- d-----w- C:\rsit
2011-05-31 17:26 . 2011-05-31 17:31 -------- d-----w- c:\program files\trend micro
2011-05-31 15:08 . 2011-05-31 15:09 -------- d-----w- c:\program files (x86)\ICQ7.5
2011-05-31 13:23 . 2011-05-31 13:23 -------- d-----w- c:\program files\Google
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\users\johny.re\AppData\Roaming\Malwarebytes
2011-05-30 21:29 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\programdata\Malwarebytes
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-30 21:29 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\programdata\ATI
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files (x86)\AMD APP
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-05-30 20:31 . 2011-05-30 20:31 -------- d-----w- c:\program files (x86)\HWiNFO32
2011-05-30 17:36 . 2011-05-30 17:37 -------- d-----w- c:\programdata\Skype Extras
2011-05-30 17:35 . 2011-05-30 17:35 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-26 05:58 . 2011-05-26 05:58 -------- d-----w- c:\program files (x86)\Glary Utilities
2011-05-25 05:18 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-23 15:00 . 2009-05-18 11:27 32768 ----a-w- c:\windows\SysWow64\adidrm.dll
2011-05-23 15:00 . 2008-12-10 11:26 60928 ----a-w- c:\windows\SysWow64\SFFXComm.dll
2011-05-23 14:59 . 2011-05-23 14:59 -------- d-----w- c:\programdata\SonicFocus
2011-05-23 14:59 . 2011-05-23 15:00 -------- d-----w- c:\program files (x86)\Analog Devices
2011-05-23 14:59 . 2011-05-23 14:59 -------- d-----w- c:\users\johny.re\AppData\Roaming\InstallShield
2011-05-23 14:16 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-23 14:16 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-23 14:16 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-05-23 14:16 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-05-21 15:55 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-05-21 15:55 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-05-21 15:55 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-21 15:55 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-21 15:55 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-21 15:55 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-21 15:55 . 2011-02-24 05:38 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-05-21 15:55 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-21 15:55 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-05-21 07:34 . 2011-04-15 21:36 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-05-21 07:34 . 2011-04-15 21:36 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AE34C85-B609-45B9-B89E-989E9CCFC5BA}\gapaengine.dll
2011-05-14 09:53 . 2011-05-14 09:53 -------- d-----w- c:\program files (x86)\ElcomSoft
2011-05-14 09:47 . 2011-05-14 09:47 -------- d-----w- c:\program files (x86)\Intelore
2011-05-10 20:08 . 2011-05-10 20:08 -------- d-----w- c:\users\johny.re\Cisco Packet Tracer 5.3.2
2011-05-10 20:01 . 2011-05-10 20:02 -------- d-----w- c:\program files (x86)\Cisco Packet Tracer 5.3.2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-09 22:00 . 2011-04-15 21:36 8718160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-20 02:07 . 2010-12-25 20:55 795648 ----a-w- c:\windows\system32\aticfx64.dll
2011-04-20 01:49 . 2009-07-13 21:59 4951552 ----a-w- c:\windows\system32\atidxx64.dll
2011-04-20 01:27 . 2010-12-25 20:55 58880 ----a-w- c:\windows\system32\coinst.dll
2011-04-20 01:21 . 2010-12-25 20:55 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-04-19 20:10 . 2011-04-19 20:10 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-04-19 20:10 . 2011-04-19 20:10 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 16116224 ----a-w- c:\windows\system32\amdocl64.dll
2011-04-19 20:10 . 2011-04-19 20:10 12385280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-03-15 08:53 . 2011-03-15 08:53 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-15 08:31 . 2011-03-15 08:31 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-15 08:31 . 2011-03-15 08:31 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-15 08:31 . 2011-03-15 08:31 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-15 08:31 . 2011-03-15 08:31 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-15 08:31 . 2011-03-15 08:31 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-15 08:31 . 2011-03-15 08:31 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-15 08:31 . 2011-03-15 08:31 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-15 08:31 . 2011-03-15 08:31 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-15 08:31 . 2011-03-15 08:31 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-15 08:31 . 2011-03-15 08:31 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-15 08:31 . 2011-03-15 08:31 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-15 08:31 . 2011-03-15 08:31 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-15 08:31 . 2011-03-15 08:31 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-15 08:31 . 2011-03-15 08:31 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-15 08:31 . 2011-03-15 08:31 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-15 08:31 . 2011-03-15 08:31 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-15 08:31 . 2011-03-15 08:31 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-15 08:31 . 2011-03-15 08:31 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-15 08:31 . 2011-03-15 08:31 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-15 08:31 . 2011-03-15 08:31 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-15 08:31 . 2011-03-15 08:31 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-15 08:31 . 2011-03-15 08:31 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-15 08:31 . 2011-03-15 08:31 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-15 08:31 . 2011-03-15 08:31 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-15 08:31 . 2011-03-15 08:31 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-15 08:31 . 2011-03-15 08:31 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-15 08:31 . 2011-03-15 08:31 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-15 08:31 . 2011-03-15 08:31 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-15 08:31 . 2011-03-15 08:31 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-15 08:31 . 2011-03-15 08:31 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-15 08:31 . 2011-03-15 08:31 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-15 08:31 . 2011-03-15 08:31 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-15 08:31 . 2011-03-15 08:31 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-15 08:31 . 2011-03-15 08:31 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-15 08:31 . 2011-03-15 08:31 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-15 08:31 . 2011-03-15 08:31 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-15 08:31 . 2011-03-15 08:31 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-15 08:31 . 2011-03-15 08:31 448512 ----a-w- c:\windows\system32\html.iec
2011-03-15 08:31 . 2011-03-15 08:31 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-15 08:31 . 2011-03-15 08:31 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-15 08:31 . 2011-03-15 08:31 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-15 08:31 . 2011-03-15 08:31 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-14 20:17 . 2011-04-15 21:25 8424784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-03-11 06:34 . 2011-04-14 19:58 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-14 19:58 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-14 19:58 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-14 19:58 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 06:29 . 2011-04-14 19:58 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-14 19:58 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:19 . 2011-05-23 14:16 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-05-23 14:16 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-14 19:58 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-14 19:58 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-14 19:58 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-14 19:58 3135488 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-12-09 606208]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe"
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\Hewlett-Packard\HP Webcam" UpdateWithCreateOnce "Software\CyberLink\HP Webcam\1.0"
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"Mobile Connectivity Suite"="c:\program files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 136176]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-08-04 1038088]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-05-22 28032]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 94559927
*Deregistered* - 94559927
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-31 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-05-26 15:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 13:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 13:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001Core.job
- c:\users\johny.re\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 13:36]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001UA.job
- c:\users\johny.re\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 13:36]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
"SoundMAX"="c:\program files (x86)\Analog Devices\SoundMAX\soundmax.exe" [2009-05-18 3866624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.kb.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: ????3?? - c:\users\johny.re\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\johny.re\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: DhcpNameServer = 192.168.55.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\johny.re\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\johny.re\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-05-31 20:23:30
ComboFix-quarantined-files.txt 2011-05-31 18:23
.
Před spuštěním: Volných bajtů: 12 807 557 120
Po spuštění: Volných bajtů: 12 825 784 320
.
- - End Of File - - 3CC73E4867133E21D8AB66E91CEBA14B
2011/05/31 19:59:52.0282 4948 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/05/31 19:59:52.0345 4948 ================================================================================
2011/05/31 19:59:52.0345 4948 SystemInfo:
2011/05/31 19:59:52.0345 4948
2011/05/31 19:59:52.0345 4948 OS Version: 6.1.7601 ServicePack: 1.0
2011/05/31 19:59:52.0345 4948 Product type: Workstation
2011/05/31 19:59:52.0345 4948 ComputerName: JOHNYRE-NTB
2011/05/31 19:59:52.0345 4948 UserName: johny.re
2011/05/31 19:59:52.0345 4948 Windows directory: C:\Windows
2011/05/31 19:59:52.0345 4948 System windows directory: C:\Windows
2011/05/31 19:59:52.0345 4948 Running under WOW64
2011/05/31 19:59:52.0345 4948 Processor architecture: Intel x64
2011/05/31 19:59:52.0345 4948 Number of processors: 2
2011/05/31 19:59:52.0345 4948 Page size: 0x1000
2011/05/31 19:59:52.0345 4948 Boot type: Normal boot
2011/05/31 19:59:52.0345 4948 ================================================================================
2011/05/31 19:59:53.0437 4948 Initialize success
2011/05/31 20:00:00.0956 4832 ================================================================================
2011/05/31 20:00:00.0956 4832 Scan started
2011/05/31 20:00:00.0956 4832 Mode: Manual;
2011/05/31 20:00:00.0956 4832 ================================================================================
2011/05/31 20:00:02.0235 4832 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/05/31 20:00:02.0282 4832 Accelerometer (5aa055fe5ae506e19e9a8f537756ee10) C:\Windows\system32\DRIVERS\Accelerometer.sys
2011/05/31 20:00:02.0313 4832 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/05/31 20:00:02.0360 4832 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/05/31 20:00:02.0422 4832 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
2011/05/31 20:00:02.0500 4832 ADIHdAudAddService (560649e6a9c11f6124f97310ef387c45) C:\Windows\system32\drivers\ADIHdAud.sys
2011/05/31 20:00:02.0594 4832 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/05/31 20:00:02.0641 4832 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/05/31 20:00:02.0672 4832 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/05/31 20:00:02.0765 4832 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\Windows\system32\drivers\afd.sys
2011/05/31 20:00:02.0828 4832 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
2011/05/31 20:00:02.0890 4832 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/05/31 20:00:02.0953 4832 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/05/31 20:00:02.0999 4832 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/05/31 20:00:03.0046 4832 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/05/31 20:00:03.0296 4832 amdkmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/31 20:00:03.0670 4832 amdkmdap (6b4e9261b613b047a9a145f328889968) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/05/31 20:00:03.0764 4832 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/05/31 20:00:03.0811 4832 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
2011/05/31 20:00:03.0842 4832 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/05/31 20:00:03.0873 4832 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
2011/05/31 20:00:03.0920 4832 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/05/31 20:00:03.0998 4832 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/05/31 20:00:04.0013 4832 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/05/31 20:00:04.0060 4832 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/31 20:00:04.0107 4832 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/05/31 20:00:04.0154 4832 AtiHdmiService (3b9014fb7ce9e20fd726321c7db7d8b0) C:\Windows\system32\drivers\AtiHdmi.sys
2011/05/31 20:00:04.0372 4832 atikmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/31 20:00:04.0497 4832 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/05/31 20:00:04.0544 4832 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/05/31 20:00:04.0653 4832 BCM43XX (fb4fda64f2e8552eaeb5986c3f34462c) C:\Windows\system32\DRIVERS\bcmwl664.sys
2011/05/31 20:00:04.0700 4832 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/05/31 20:00:04.0762 4832 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/05/31 20:00:04.0809 4832 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/31 20:00:04.0856 4832 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/05/31 20:00:04.0871 4832 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/05/31 20:00:04.0903 4832 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/05/31 20:00:04.0934 4832 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/05/31 20:00:04.0965 4832 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/05/31 20:00:04.0981 4832 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/05/31 20:00:05.0043 4832 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
2011/05/31 20:00:05.0074 4832 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/05/31 20:00:05.0105 4832 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
2011/05/31 20:00:05.0168 4832 BTHPORT (0d25b6d300ba26a5f2c3b2a8e96b158b) C:\Windows\system32\Drivers\BTHport.sys
2011/05/31 20:00:05.0230 4832 BTHUSB (1f9912f8ec5bfa53432e71e150636a8a) C:\Windows\system32\Drivers\BTHUSB.sys
2011/05/31 20:00:05.0261 4832 btwaudio (1abd26de34d3a5e346e96d721c0d67f8) C:\Windows\system32\drivers\btwaudio.sys
2011/05/31 20:00:05.0308 4832 btwavdt (3081d3213a3d2df2f3e7bbd816c17225) C:\Windows\system32\DRIVERS\btwavdt.sys
2011/05/31 20:00:05.0371 4832 btwl2cap (0037cb116097e8e0ea77f3b13c50ff1e) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/05/31 20:00:05.0402 4832 btwrchid (6921ad2faf1cb24b2ffc78104721d506) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/05/31 20:00:05.0433 4832 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/31 20:00:05.0495 4832 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/05/31 20:00:05.0558 4832 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/05/31 20:00:05.0620 4832 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/05/31 20:00:05.0698 4832 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/31 20:00:05.0729 4832 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/05/31 20:00:05.0792 4832 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/05/31 20:00:05.0807 4832 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/31 20:00:05.0885 4832 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/05/31 20:00:05.0932 4832 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/05/31 20:00:05.0995 4832 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
2011/05/31 20:00:06.0073 4832 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/05/31 20:00:06.0135 4832 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/05/31 20:00:06.0182 4832 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/05/31 20:00:06.0229 4832 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/05/31 20:00:06.0291 4832 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/31 20:00:06.0400 4832 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/05/31 20:00:06.0541 4832 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/05/31 20:00:06.0587 4832 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/05/31 20:00:06.0650 4832 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/05/31 20:00:06.0681 4832 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/05/31 20:00:06.0712 4832 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/31 20:00:06.0743 4832 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/05/31 20:00:06.0775 4832 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/05/31 20:00:06.0821 4832 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/31 20:00:06.0868 4832 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/05/31 20:00:06.0899 4832 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/05/31 20:00:06.0931 4832 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/31 20:00:06.0977 4832 FTDIBUS (54891a87ba8dbfac580a3d256f4d2ceb) C:\Windows\system32\drivers\ftdibus.sys
2011/05/31 20:00:07.0009 4832 FTSER2K (9980e7584484a009e77e9bfa14c0c18a) C:\Windows\system32\drivers\ftser2k.sys
2011/05/31 20:00:07.0102 4832 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/05/31 20:00:07.0149 4832 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/05/31 20:00:07.0243 4832 hcmon (8cdad7b707ddd77d45588f74d59c9aff) C:\Windows\system32\drivers\hcmon.sys
2011/05/31 20:00:07.0289 4832 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/05/31 20:00:07.0352 4832 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/05/31 20:00:07.0383 4832 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/05/31 20:00:07.0414 4832 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/05/31 20:00:07.0461 4832 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/05/31 20:00:07.0477 4832 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/05/31 20:00:07.0539 4832 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
2011/05/31 20:00:07.0617 4832 hpdskflt (0ac88fbe4bf315f5f8fd862426c11540) C:\Windows\system32\DRIVERS\hpdskflt.sys
2011/05/31 20:00:07.0679 4832 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/05/31 20:00:07.0726 4832 HTCAND64 (cf44b25ae808765d7308f412ad492ddb) C:\Windows\system32\Drivers\ANDROIDUSB.sys
2011/05/31 20:00:07.0789 4832 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/05/31 20:00:07.0898 4832 HWiNFO32 (17eff7b20f4d110baec9652f126a8379) C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS
2011/05/31 20:00:08.0007 4832 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/05/31 20:00:08.0069 4832 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/05/31 20:00:08.0132 4832 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
2011/05/31 20:00:08.0257 4832 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/05/31 20:00:08.0303 4832 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/05/31 20:00:08.0335 4832 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/31 20:00:08.0381 4832 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/05/31 20:00:08.0413 4832 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/05/31 20:00:08.0459 4832 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/05/31 20:00:08.0475 4832 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/05/31 20:00:08.0506 4832 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/05/31 20:00:08.0537 4832 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/05/31 20:00:08.0584 4832 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/31 20:00:08.0631 4832 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/05/31 20:00:08.0678 4832 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/31 20:00:08.0725 4832 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/05/31 20:00:08.0756 4832 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/05/31 20:00:08.0834 4832 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/31 20:00:08.0896 4832 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/05/31 20:00:08.0927 4832 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/05/31 20:00:08.0959 4832 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/05/31 20:00:08.0990 4832 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/05/31 20:00:09.0021 4832 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/05/31 20:00:09.0052 4832 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/05/31 20:00:09.0099 4832 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/05/31 20:00:09.0130 4832 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/05/31 20:00:09.0161 4832 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/31 20:00:09.0193 4832 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/05/31 20:00:09.0208 4832 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/05/31 20:00:09.0271 4832 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/05/31 20:00:09.0333 4832 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/05/31 20:00:09.0364 4832 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/05/31 20:00:09.0411 4832 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/05/31 20:00:09.0458 4832 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/31 20:00:09.0505 4832 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/05/31 20:00:09.0536 4832 mrxsmb (c2b4651001a867ff3f8865863b592991) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/31 20:00:09.0583 4832 mrxsmb10 (7e79946afc5f799ab62982282be5ac13) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/31 20:00:09.0629 4832 mrxsmb20 (5fb954100cea2bfec6446fbbecaa3f79) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/31 20:00:09.0676 4832 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/05/31 20:00:09.0707 4832 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/05/31 20:00:09.0770 4832 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/05/31 20:00:09.0801 4832 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/05/31 20:00:09.0817 4832 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/05/31 20:00:09.0879 4832 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/31 20:00:09.0941 4832 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/31 20:00:09.0973 4832 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/05/31 20:00:10.0004 4832 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/05/31 20:00:10.0051 4832 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/05/31 20:00:10.0129 4832 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/05/31 20:00:10.0160 4832 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/05/31 20:00:10.0191 4832 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/05/31 20:00:10.0253 4832 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/31 20:00:10.0331 4832 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/05/31 20:00:10.0394 4832 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/05/31 20:00:10.0425 4832 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/31 20:00:10.0456 4832 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/31 20:00:10.0503 4832 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/31 20:00:10.0534 4832 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/05/31 20:00:10.0565 4832 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/31 20:00:10.0612 4832 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/31 20:00:10.0690 4832 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/05/31 20:00:10.0737 4832 NisDrv (3713e8452b88d3e0be095e06b6fbc776) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/05/31 20:00:10.0831 4832 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
2011/05/31 20:00:10.0877 4832 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/05/31 20:00:10.0909 4832 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/31 20:00:10.0971 4832 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
2011/05/31 20:00:11.0033 4832 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/05/31 20:00:11.0096 4832 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
2011/05/31 20:00:11.0127 4832 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
2011/05/31 20:00:11.0158 4832 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/05/31 20:00:11.0236 4832 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/05/31 20:00:11.0299 4832 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/05/31 20:00:11.0330 4832 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/05/31 20:00:11.0361 4832 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/05/31 20:00:11.0392 4832 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/05/31 20:00:11.0423 4832 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/05/31 20:00:11.0455 4832 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/05/31 20:00:11.0486 4832 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/05/31 20:00:11.0626 4832 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/31 20:00:11.0642 4832 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/05/31 20:00:11.0704 4832 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/31 20:00:11.0751 4832 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/05/31 20:00:11.0813 4832 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/05/31 20:00:11.0845 4832 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/31 20:00:11.0891 4832 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/31 20:00:11.0938 4832 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/05/31 20:00:11.0985 4832 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/31 20:00:12.0001 4832 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/31 20:00:12.0032 4832 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/31 20:00:12.0079 4832 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/31 20:00:12.0110 4832 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/05/31 20:00:12.0125 4832 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/31 20:00:12.0172 4832 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
2011/05/31 20:00:12.0219 4832 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/31 20:00:12.0235 4832 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/05/31 20:00:12.0313 4832 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
2011/05/31 20:00:12.0359 4832 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/05/31 20:00:12.0422 4832 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/05/31 20:00:12.0500 4832 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/05/31 20:00:12.0562 4832 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/31 20:00:12.0609 4832 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
2011/05/31 20:00:12.0671 4832 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/05/31 20:00:12.0718 4832 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/05/31 20:00:12.0781 4832 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/05/31 20:00:12.0812 4832 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/05/31 20:00:12.0859 4832 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/05/31 20:00:12.0905 4832 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/05/31 20:00:12.0968 4832 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/05/31 20:00:12.0999 4832 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/05/31 20:00:13.0030 4832 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/05/31 20:00:13.0046 4832 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/31 20:00:13.0093 4832 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/05/31 20:00:13.0124 4832 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/05/31 20:00:13.0155 4832 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/05/31 20:00:13.0186 4832 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/05/31 20:00:13.0264 4832 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/05/31 20:00:13.0264 4832 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/05/31 20:00:13.0264 4832 sptd - detected LockedFile.Multi.Generic (1)
2011/05/31 20:00:13.0358 4832 srv (65bbf4920148c2ee279055da7228fc7b) C:\Windows\system32\DRIVERS\srv.sys
2011/05/31 20:00:13.0389 4832 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/31 20:00:13.0451 4832 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/31 20:00:13.0483 4832 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
2011/05/31 20:00:13.0545 4832 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/05/31 20:00:13.0592 4832 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
2011/05/31 20:00:13.0607 4832 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
2011/05/31 20:00:13.0623 4832 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/05/31 20:00:13.0732 4832 SynTP (3a706a967295e16511e40842b1a2761d) C:\Windows\system32\DRIVERS\SynTP.sys
2011/05/31 20:00:13.0841 4832 Tcpip (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\drivers\tcpip.sys
2011/05/31 20:00:13.0951 4832 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/05/31 20:00:13.0997 4832 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/05/31 20:00:14.0044 4832 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/05/31 20:00:14.0060 4832 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/05/31 20:00:14.0107 4832 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/05/31 20:00:14.0153 4832 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/05/31 20:00:14.0231 4832 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/05/31 20:00:14.0263 4832 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/05/31 20:00:14.0341 4832 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/05/31 20:00:14.0387 4832 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/05/31 20:00:14.0434 4832 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/05/31 20:00:14.0512 4832 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/05/31 20:00:14.0543 4832 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/05/31 20:00:14.0559 4832 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/05/31 20:00:14.0621 4832 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
2011/05/31 20:00:14.0653 4832 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/05/31 20:00:14.0699 4832 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/05/31 20:00:14.0715 4832 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
2011/05/31 20:00:14.0777 4832 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
2011/05/31 20:00:14.0793 4832 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/05/31 20:00:14.0840 4832 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/05/31 20:00:14.0887 4832 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/05/31 20:00:14.0902 4832 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/05/31 20:00:14.0965 4832 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
2011/05/31 20:00:15.0027 4832 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
2011/05/31 20:00:15.0089 4832 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/05/31 20:00:15.0136 4832 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/05/31 20:00:15.0167 4832 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/05/31 20:00:15.0230 4832 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/05/31 20:00:15.0292 4832 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/05/31 20:00:15.0323 4832 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
2011/05/31 20:00:15.0370 4832 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
2011/05/31 20:00:15.0417 4832 vmci (cdaa992c18f3f3612444c818a478cf57) C:\Windows\system32\drivers\vmci.sys
2011/05/31 20:00:15.0448 4832 vmkbd (ea9c266cd4b4bb7c7d818c1c27461959) C:\Windows\system32\drivers\VMkbd.sys
2011/05/31 20:00:15.0479 4832 VMnetAdapter (9d54f1339e78c95bf3d9939ebcb66378) C:\Windows\system32\DRIVERS\vmnetadapter.sys
2011/05/31 20:00:15.0511 4832 VMnetBridge (fb54ef3aa613d2832fd3812e7cb2fc75) C:\Windows\system32\DRIVERS\vmnetbridge.sys
2011/05/31 20:00:15.0542 4832 VMnetuserif (479948eb42e189c076b45ebaf2d12bbc) C:\Windows\system32\drivers\vmnetuserif.sys
2011/05/31 20:00:15.0604 4832 vmx86 (05645d6651ca7a02298aae475bbcad6e) C:\Windows\system32\drivers\vmx86.sys
2011/05/31 20:00:15.0635 4832 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/05/31 20:00:15.0682 4832 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/05/31 20:00:15.0745 4832 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/05/31 20:00:15.0791 4832 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
2011/05/31 20:00:15.0823 4832 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
2011/05/31 20:00:15.0869 4832 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
2011/05/31 20:00:15.0916 4832 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
2011/05/31 20:00:15.0979 4832 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/05/31 20:00:16.0072 4832 vstor2-ws60 (69f57e89e6ebc5012d210527af005a70) C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
2011/05/31 20:00:16.0088 4832 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/05/31 20:00:16.0135 4832 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/05/31 20:00:16.0166 4832 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/05/31 20:00:16.0213 4832 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/05/31 20:00:16.0259 4832 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/31 20:00:16.0275 4832 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/31 20:00:16.0415 4832 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/05/31 20:00:16.0462 4832 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/31 20:00:16.0540 4832 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/05/31 20:00:16.0571 4832 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/05/31 20:00:16.0665 4832 WINUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\drivers\WinUSB.SYS
2011/05/31 20:00:16.0712 4832 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/05/31 20:00:16.0790 4832 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/31 20:00:16.0852 4832 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/05/31 20:00:16.0883 4832 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/31 20:00:16.0961 4832 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
2011/05/31 20:00:17.0039 4832 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/05/31 20:00:17.0055 4832 ================================================================================
2011/05/31 20:00:17.0055 4832 Scan finished
2011/05/31 20:00:17.0055 4832 ================================================================================
2011/05/31 20:00:17.0055 4640 Detected object count: 1
2011/05/31 20:00:17.0055 4640 Actual detected object count: 1
2011/05/31 20:00:29.0145 4640 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/05/31 20:01:28.0924 4436 Deinitialize success
a zde log z combofixu:
ComboFix 11-05-31.01 - johny.re 31.05.2011 20:14:16.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4060.2681 [GMT 2:00]
Spuštěný z: c:\users\johny.re\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\ST6UNST.000
c:\windows\SysWow64\html
c:\windows\SysWow64\html\calendar.html
c:\windows\SysWow64\html\calendarbottom.html
c:\windows\SysWow64\html\calendartop.html
c:\windows\SysWow64\html\crystalexportdialog.htm
c:\windows\SysWow64\html\crystalprinthost.html
c:\windows\SysWow64\images
c:\windows\SysWow64\images\toolbar\calendar.gif
c:\windows\SysWow64\images\toolbar\crlogo.gif
c:\windows\SysWow64\images\toolbar\export.gif
c:\windows\SysWow64\images\toolbar\export_over.gif
c:\windows\SysWow64\images\toolbar\exportd.gif
c:\windows\SysWow64\images\toolbar\First.gif
c:\windows\SysWow64\images\toolbar\first_over.gif
c:\windows\SysWow64\images\toolbar\Firstd.gif
c:\windows\SysWow64\images\toolbar\gotopage.gif
c:\windows\SysWow64\images\toolbar\gotopage_over.gif
c:\windows\SysWow64\images\toolbar\gotopaged.gif
c:\windows\SysWow64\images\toolbar\grouptree.gif
c:\windows\SysWow64\images\toolbar\grouptree_over.gif
c:\windows\SysWow64\images\toolbar\grouptreed.gif
c:\windows\SysWow64\images\toolbar\grouptreepressed.gif
c:\windows\SysWow64\images\toolbar\Last.gif
c:\windows\SysWow64\images\toolbar\last_over.gif
c:\windows\SysWow64\images\toolbar\Lastd.gif
c:\windows\SysWow64\images\toolbar\Next.gif
c:\windows\SysWow64\images\toolbar\next_over.gif
c:\windows\SysWow64\images\toolbar\Nextd.gif
c:\windows\SysWow64\images\toolbar\Prev.gif
c:\windows\SysWow64\images\toolbar\prev_over.gif
c:\windows\SysWow64\images\toolbar\Prevd.gif
c:\windows\SysWow64\images\toolbar\print.gif
c:\windows\SysWow64\images\toolbar\print_over.gif
c:\windows\SysWow64\images\toolbar\printd.gif
c:\windows\SysWow64\images\toolbar\Refresh.gif
c:\windows\SysWow64\images\toolbar\refresh_over.gif
c:\windows\SysWow64\images\toolbar\refreshd.gif
c:\windows\SysWow64\images\toolbar\Search.gif
c:\windows\SysWow64\images\toolbar\search_over.gif
c:\windows\SysWow64\images\toolbar\searchd.gif
c:\windows\SysWow64\images\toolbar\up.gif
c:\windows\SysWow64\images\toolbar\up_over.gif
c:\windows\SysWow64\images\toolbar\upd.gif
c:\windows\SysWow64\images\tree\begindots.gif
c:\windows\SysWow64\images\tree\beginminus.gif
c:\windows\SysWow64\images\tree\beginplus.gif
c:\windows\SysWow64\images\tree\blank.gif
c:\windows\SysWow64\images\tree\blankdots.gif
c:\windows\SysWow64\images\tree\dots.gif
c:\windows\SysWow64\images\tree\lastdots.gif
c:\windows\SysWow64\images\tree\lastminus.gif
c:\windows\SysWow64\images\tree\lastplus.gif
c:\windows\SysWow64\images\tree\Magnify.gif
c:\windows\SysWow64\images\tree\minus.gif
c:\windows\SysWow64\images\tree\minusbox.gif
c:\windows\SysWow64\images\tree\plus.gif
c:\windows\SysWow64\images\tree\plusbox.gif
c:\windows\SysWow64\images\tree\singleminus.gif
c:\windows\SysWow64\images\tree\singleplus.gif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-28 do 2011-05-31 )))))))))))))))))))))))))))))))
.
.
2011-05-31 18:20 . 2011-05-31 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-31 18:10 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2AE91B73-6DD7-4B2F-BF71-B7DAE9DAC4F4}\mpengine.dll
2011-05-31 17:31 . 2011-05-31 17:31 -------- d-----w- C:\rsit
2011-05-31 17:26 . 2011-05-31 17:31 -------- d-----w- c:\program files\trend micro
2011-05-31 15:08 . 2011-05-31 15:09 -------- d-----w- c:\program files (x86)\ICQ7.5
2011-05-31 13:23 . 2011-05-31 13:23 -------- d-----w- c:\program files\Google
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\users\johny.re\AppData\Roaming\Malwarebytes
2011-05-30 21:29 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\programdata\Malwarebytes
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-30 21:29 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\programdata\ATI
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files (x86)\AMD APP
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-05-30 20:31 . 2011-05-30 20:31 -------- d-----w- c:\program files (x86)\HWiNFO32
2011-05-30 17:36 . 2011-05-30 17:37 -------- d-----w- c:\programdata\Skype Extras
2011-05-30 17:35 . 2011-05-30 17:35 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-26 05:58 . 2011-05-26 05:58 -------- d-----w- c:\program files (x86)\Glary Utilities
2011-05-25 05:18 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-23 15:00 . 2009-05-18 11:27 32768 ----a-w- c:\windows\SysWow64\adidrm.dll
2011-05-23 15:00 . 2008-12-10 11:26 60928 ----a-w- c:\windows\SysWow64\SFFXComm.dll
2011-05-23 14:59 . 2011-05-23 14:59 -------- d-----w- c:\programdata\SonicFocus
2011-05-23 14:59 . 2011-05-23 15:00 -------- d-----w- c:\program files (x86)\Analog Devices
2011-05-23 14:59 . 2011-05-23 14:59 -------- d-----w- c:\users\johny.re\AppData\Roaming\InstallShield
2011-05-23 14:16 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-23 14:16 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-23 14:16 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-05-23 14:16 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-05-21 15:55 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-05-21 15:55 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-05-21 15:55 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-21 15:55 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-21 15:55 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-21 15:55 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-21 15:55 . 2011-02-24 05:38 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-05-21 15:55 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-21 15:55 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-05-21 07:34 . 2011-04-15 21:36 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-05-21 07:34 . 2011-04-15 21:36 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AE34C85-B609-45B9-B89E-989E9CCFC5BA}\gapaengine.dll
2011-05-14 09:53 . 2011-05-14 09:53 -------- d-----w- c:\program files (x86)\ElcomSoft
2011-05-14 09:47 . 2011-05-14 09:47 -------- d-----w- c:\program files (x86)\Intelore
2011-05-10 20:08 . 2011-05-10 20:08 -------- d-----w- c:\users\johny.re\Cisco Packet Tracer 5.3.2
2011-05-10 20:01 . 2011-05-10 20:02 -------- d-----w- c:\program files (x86)\Cisco Packet Tracer 5.3.2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-09 22:00 . 2011-04-15 21:36 8718160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-20 02:07 . 2010-12-25 20:55 795648 ----a-w- c:\windows\system32\aticfx64.dll
2011-04-20 01:49 . 2009-07-13 21:59 4951552 ----a-w- c:\windows\system32\atidxx64.dll
2011-04-20 01:27 . 2010-12-25 20:55 58880 ----a-w- c:\windows\system32\coinst.dll
2011-04-20 01:21 . 2010-12-25 20:55 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-04-19 20:10 . 2011-04-19 20:10 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-04-19 20:10 . 2011-04-19 20:10 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 16116224 ----a-w- c:\windows\system32\amdocl64.dll
2011-04-19 20:10 . 2011-04-19 20:10 12385280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-03-15 08:53 . 2011-03-15 08:53 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-15 08:31 . 2011-03-15 08:31 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-15 08:31 . 2011-03-15 08:31 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-15 08:31 . 2011-03-15 08:31 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-15 08:31 . 2011-03-15 08:31 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-15 08:31 . 2011-03-15 08:31 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-15 08:31 . 2011-03-15 08:31 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-15 08:31 . 2011-03-15 08:31 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-15 08:31 . 2011-03-15 08:31 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-15 08:31 . 2011-03-15 08:31 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-15 08:31 . 2011-03-15 08:31 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-15 08:31 . 2011-03-15 08:31 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-15 08:31 . 2011-03-15 08:31 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-15 08:31 . 2011-03-15 08:31 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-15 08:31 . 2011-03-15 08:31 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-15 08:31 . 2011-03-15 08:31 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-15 08:31 . 2011-03-15 08:31 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-15 08:31 . 2011-03-15 08:31 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-15 08:31 . 2011-03-15 08:31 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-15 08:31 . 2011-03-15 08:31 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-15 08:31 . 2011-03-15 08:31 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-15 08:31 . 2011-03-15 08:31 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-15 08:31 . 2011-03-15 08:31 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-15 08:31 . 2011-03-15 08:31 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-15 08:31 . 2011-03-15 08:31 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-15 08:31 . 2011-03-15 08:31 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-15 08:31 . 2011-03-15 08:31 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-15 08:31 . 2011-03-15 08:31 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-15 08:31 . 2011-03-15 08:31 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-15 08:31 . 2011-03-15 08:31 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-15 08:31 . 2011-03-15 08:31 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-15 08:31 . 2011-03-15 08:31 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-15 08:31 . 2011-03-15 08:31 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-15 08:31 . 2011-03-15 08:31 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-15 08:31 . 2011-03-15 08:31 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-15 08:31 . 2011-03-15 08:31 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-15 08:31 . 2011-03-15 08:31 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-15 08:31 . 2011-03-15 08:31 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-15 08:31 . 2011-03-15 08:31 448512 ----a-w- c:\windows\system32\html.iec
2011-03-15 08:31 . 2011-03-15 08:31 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-15 08:31 . 2011-03-15 08:31 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-15 08:31 . 2011-03-15 08:31 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-15 08:31 . 2011-03-15 08:31 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-14 20:17 . 2011-04-15 21:25 8424784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-03-11 06:34 . 2011-04-14 19:58 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-14 19:58 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-14 19:58 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-14 19:58 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 06:29 . 2011-04-14 19:58 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-14 19:58 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:19 . 2011-05-23 14:16 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-05-23 14:16 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-14 19:58 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-14 19:58 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-14 19:58 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-14 19:58 3135488 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-12-09 606208]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe"
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\Hewlett-Packard\HP Webcam" UpdateWithCreateOnce "Software\CyberLink\HP Webcam\1.0"
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"Mobile Connectivity Suite"="c:\program files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 136176]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-08-04 1038088]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-05-22 28032]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 94559927
*Deregistered* - 94559927
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-31 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-05-26 15:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 13:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 13:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001Core.job
- c:\users\johny.re\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 13:36]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001UA.job
- c:\users\johny.re\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 13:36]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
"SoundMAX"="c:\program files (x86)\Analog Devices\SoundMAX\soundmax.exe" [2009-05-18 3866624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.kb.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: ????3?? - c:\users\johny.re\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\johny.re\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: DhcpNameServer = 192.168.55.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\johny.re\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\johny.re\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-05-31 20:23:30
ComboFix-quarantined-files.txt 2011-05-31 18:23
.
Před spuštěním: Volných bajtů: 12 807 557 120
Po spuštění: Volných bajtů: 12 825 784 320
.
- - End Of File - - 3CC73E4867133E21D8AB66E91CEBA14B
Re: Chrome nepřehraje video
Pri tejto akcii je nutné mať ComboFix na ploche.
Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.
Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:
Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :
Po skonceni skenu vlož log čo ComboFix vytvorí
Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.
Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:
Kód: Vybrat vše
KILLALL::
Driver::
94559927
RegNull::
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\]
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f3*N}]
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f3*N}hQè?þ”¥c]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
DDS:
IE: ????3?? - c:\users\johny.re\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\johny.re\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :
Po skonceni skenu vlož log čo ComboFix vytvorí
Re: Chrome nepřehraje video
ComboFix 11-05-31.01 - johny.re 31.05.2011 22:15:14.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4060.2732 [GMT 2:00]
Spuštěný z: c:\users\johny.re\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\johny.re\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_94559927
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-28 do 2011-05-31 )))))))))))))))))))))))))))))))
.
.
2011-05-31 20:19 . 2011-05-31 20:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-31 17:31 . 2011-05-31 17:31 -------- d-----w- C:\rsit
2011-05-31 17:26 . 2011-05-31 17:31 -------- d-----w- c:\program files\trend micro
2011-05-31 15:08 . 2011-05-31 15:09 -------- d-----w- c:\program files (x86)\ICQ7.5
2011-05-31 13:23 . 2011-05-31 13:23 -------- d-----w- c:\program files\Google
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\users\johny.re\AppData\Roaming\Malwarebytes
2011-05-30 21:29 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\programdata\Malwarebytes
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-30 21:29 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\programdata\ATI
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files (x86)\AMD APP
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-05-30 20:31 . 2011-05-30 20:31 -------- d-----w- c:\program files (x86)\HWiNFO32
2011-05-30 17:36 . 2011-05-30 17:37 -------- d-----w- c:\programdata\Skype Extras
2011-05-30 17:35 . 2011-05-30 17:35 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-26 05:58 . 2011-05-26 05:58 -------- d-----w- c:\program files (x86)\Glary Utilities
2011-05-25 05:18 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-23 15:00 . 2009-05-18 11:27 32768 ----a-w- c:\windows\SysWow64\adidrm.dll
2011-05-23 15:00 . 2008-12-10 11:26 60928 ----a-w- c:\windows\SysWow64\SFFXComm.dll
2011-05-23 14:59 . 2011-05-23 14:59 -------- d-----w- c:\programdata\SonicFocus
2011-05-23 14:59 . 2011-05-23 15:00 -------- d-----w- c:\program files (x86)\Analog Devices
2011-05-23 14:59 . 2011-05-23 14:59 -------- d-----w- c:\users\johny.re\AppData\Roaming\InstallShield
2011-05-23 14:16 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-23 14:16 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-23 14:16 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-05-23 14:16 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-05-21 15:55 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-05-21 15:55 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-05-21 15:55 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-21 15:55 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-21 15:55 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-21 15:55 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-21 15:55 . 2011-02-24 05:38 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-05-21 15:55 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-21 15:55 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-05-21 07:34 . 2011-04-15 21:36 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-05-21 07:34 . 2011-04-15 21:36 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AE34C85-B609-45B9-B89E-989E9CCFC5BA}\gapaengine.dll
2011-05-14 09:53 . 2011-05-14 09:53 -------- d-----w- c:\program files (x86)\ElcomSoft
2011-05-14 09:47 . 2011-05-14 09:47 -------- d-----w- c:\program files (x86)\Intelore
2011-05-10 20:08 . 2011-05-10 20:08 -------- d-----w- c:\users\johny.re\Cisco Packet Tracer 5.3.2
2011-05-10 20:01 . 2011-05-10 20:02 -------- d-----w- c:\program files (x86)\Cisco Packet Tracer 5.3.2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-09 22:00 . 2011-04-15 21:36 8718160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-20 02:07 . 2010-12-25 20:55 795648 ----a-w- c:\windows\system32\aticfx64.dll
2011-04-20 01:49 . 2009-07-13 21:59 4951552 ----a-w- c:\windows\system32\atidxx64.dll
2011-04-20 01:27 . 2010-12-25 20:55 58880 ----a-w- c:\windows\system32\coinst.dll
2011-04-20 01:21 . 2010-12-25 20:55 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-04-19 20:10 . 2011-04-19 20:10 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-04-19 20:10 . 2011-04-19 20:10 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 16116224 ----a-w- c:\windows\system32\amdocl64.dll
2011-04-19 20:10 . 2011-04-19 20:10 12385280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-03-15 08:53 . 2011-03-15 08:53 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-15 08:31 . 2011-03-15 08:31 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-15 08:31 . 2011-03-15 08:31 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-15 08:31 . 2011-03-15 08:31 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-15 08:31 . 2011-03-15 08:31 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-15 08:31 . 2011-03-15 08:31 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-15 08:31 . 2011-03-15 08:31 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-15 08:31 . 2011-03-15 08:31 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-15 08:31 . 2011-03-15 08:31 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-15 08:31 . 2011-03-15 08:31 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-15 08:31 . 2011-03-15 08:31 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-15 08:31 . 2011-03-15 08:31 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-15 08:31 . 2011-03-15 08:31 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-15 08:31 . 2011-03-15 08:31 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-15 08:31 . 2011-03-15 08:31 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-15 08:31 . 2011-03-15 08:31 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-15 08:31 . 2011-03-15 08:31 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-15 08:31 . 2011-03-15 08:31 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-15 08:31 . 2011-03-15 08:31 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-15 08:31 . 2011-03-15 08:31 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-15 08:31 . 2011-03-15 08:31 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-15 08:31 . 2011-03-15 08:31 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-15 08:31 . 2011-03-15 08:31 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-15 08:31 . 2011-03-15 08:31 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-15 08:31 . 2011-03-15 08:31 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-15 08:31 . 2011-03-15 08:31 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-15 08:31 . 2011-03-15 08:31 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-15 08:31 . 2011-03-15 08:31 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-15 08:31 . 2011-03-15 08:31 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-15 08:31 . 2011-03-15 08:31 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-15 08:31 . 2011-03-15 08:31 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-15 08:31 . 2011-03-15 08:31 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-15 08:31 . 2011-03-15 08:31 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-15 08:31 . 2011-03-15 08:31 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-15 08:31 . 2011-03-15 08:31 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-15 08:31 . 2011-03-15 08:31 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-15 08:31 . 2011-03-15 08:31 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-15 08:31 . 2011-03-15 08:31 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-15 08:31 . 2011-03-15 08:31 448512 ----a-w- c:\windows\system32\html.iec
2011-03-15 08:31 . 2011-03-15 08:31 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-15 08:31 . 2011-03-15 08:31 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-15 08:31 . 2011-03-15 08:31 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-15 08:31 . 2011-03-15 08:31 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-14 20:17 . 2011-04-15 21:25 8424784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-03-11 06:34 . 2011-04-14 19:58 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-14 19:58 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-14 19:58 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-14 19:58 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 06:29 . 2011-04-14 19:58 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-14 19:58 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:19 . 2011-05-23 14:16 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-05-23 14:16 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-14 19:58 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-14 19:58 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-14 19:58 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-14 19:58 3135488 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-31_18.21.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-05-15 21:28 . 2011-05-31 17:02 4879 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2010-05-15 21:28 . 2011-05-31 20:20 4879 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-05-31 17:03 . 2011-05-31 17:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-31 20:21 . 2011-05-31 20:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-05-31 17:03 . 2011-05-31 17:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-05-31 20:21 . 2011-05-31 20:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2011-05-31 20:20 523988 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-05-31 17:02 523988 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-06-28 21:23 . 2011-05-31 17:02 2664984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-06-28 21:23 . 2011-05-31 20:20 2664984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-12-09 606208]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe"
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\Hewlett-Packard\HP Webcam" UpdateWithCreateOnce "Software\CyberLink\HP Webcam\1.0"
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"Mobile Connectivity Suite"="c:\program files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 136176]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-08-04 1038088]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-05-22 28032]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-31 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-05-26 15:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 13:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 13:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001Core.job
- c:\users\johny.re\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 13:36]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001UA.job
- c:\users\johny.re\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 13:36]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF25306.cfxxe" [X]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.kb.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: ????3?? - c:\users\johny.re\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\johny.re\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: DhcpNameServer = 192.168.55.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\johny.re\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\johny.re\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
.
**************************************************************************
.
Celkový čas: 2011-05-31 22:28:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-31 20:28
ComboFix2.txt 2011-05-31 18:23
.
Před spuštěním: Volných bajtů: 12 879 376 384
Po spuštění: Volných bajtů: 12 336 357 376
.
- - End Of File - - 2A1E293D36C18045F7BF393938CCFABC
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4060.2732 [GMT 2:00]
Spuštěný z: c:\users\johny.re\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\johny.re\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_94559927
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-28 do 2011-05-31 )))))))))))))))))))))))))))))))
.
.
2011-05-31 20:19 . 2011-05-31 20:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-31 17:31 . 2011-05-31 17:31 -------- d-----w- C:\rsit
2011-05-31 17:26 . 2011-05-31 17:31 -------- d-----w- c:\program files\trend micro
2011-05-31 15:08 . 2011-05-31 15:09 -------- d-----w- c:\program files (x86)\ICQ7.5
2011-05-31 13:23 . 2011-05-31 13:23 -------- d-----w- c:\program files\Google
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\users\johny.re\AppData\Roaming\Malwarebytes
2011-05-30 21:29 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\programdata\Malwarebytes
2011-05-30 21:29 . 2011-05-30 21:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-30 21:29 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\programdata\ATI
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files (x86)\AMD APP
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-05-30 21:06 . 2011-05-30 21:06 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-05-30 20:31 . 2011-05-30 20:31 -------- d-----w- c:\program files (x86)\HWiNFO32
2011-05-30 17:36 . 2011-05-30 17:37 -------- d-----w- c:\programdata\Skype Extras
2011-05-30 17:35 . 2011-05-30 17:35 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-26 05:58 . 2011-05-26 05:58 -------- d-----w- c:\program files (x86)\Glary Utilities
2011-05-25 05:18 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-23 15:00 . 2009-05-18 11:27 32768 ----a-w- c:\windows\SysWow64\adidrm.dll
2011-05-23 15:00 . 2008-12-10 11:26 60928 ----a-w- c:\windows\SysWow64\SFFXComm.dll
2011-05-23 14:59 . 2011-05-23 14:59 -------- d-----w- c:\programdata\SonicFocus
2011-05-23 14:59 . 2011-05-23 15:00 -------- d-----w- c:\program files (x86)\Analog Devices
2011-05-23 14:59 . 2011-05-23 14:59 -------- d-----w- c:\users\johny.re\AppData\Roaming\InstallShield
2011-05-23 14:16 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-23 14:16 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-23 14:16 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-05-23 14:16 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-05-21 15:55 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-05-21 15:55 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-05-21 15:55 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-21 15:55 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-21 15:55 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-21 15:55 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-21 15:55 . 2011-02-24 05:38 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-05-21 15:55 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-21 15:55 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-05-21 07:34 . 2011-04-15 21:36 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-05-21 07:34 . 2011-04-15 21:36 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AE34C85-B609-45B9-B89E-989E9CCFC5BA}\gapaengine.dll
2011-05-14 09:53 . 2011-05-14 09:53 -------- d-----w- c:\program files (x86)\ElcomSoft
2011-05-14 09:47 . 2011-05-14 09:47 -------- d-----w- c:\program files (x86)\Intelore
2011-05-10 20:08 . 2011-05-10 20:08 -------- d-----w- c:\users\johny.re\Cisco Packet Tracer 5.3.2
2011-05-10 20:01 . 2011-05-10 20:02 -------- d-----w- c:\program files (x86)\Cisco Packet Tracer 5.3.2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-09 22:00 . 2011-04-15 21:36 8718160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-20 02:07 . 2010-12-25 20:55 795648 ----a-w- c:\windows\system32\aticfx64.dll
2011-04-20 01:49 . 2009-07-13 21:59 4951552 ----a-w- c:\windows\system32\atidxx64.dll
2011-04-20 01:27 . 2010-12-25 20:55 58880 ----a-w- c:\windows\system32\coinst.dll
2011-04-20 01:21 . 2010-12-25 20:55 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-04-19 20:10 . 2011-04-19 20:10 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-04-19 20:10 . 2011-04-19 20:10 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 16116224 ----a-w- c:\windows\system32\amdocl64.dll
2011-04-19 20:10 . 2011-04-19 20:10 12385280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-03-15 08:53 . 2011-03-15 08:53 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-15 08:31 . 2011-03-15 08:31 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-15 08:31 . 2011-03-15 08:31 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-15 08:31 . 2011-03-15 08:31 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-15 08:31 . 2011-03-15 08:31 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-15 08:31 . 2011-03-15 08:31 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-15 08:31 . 2011-03-15 08:31 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-15 08:31 . 2011-03-15 08:31 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-15 08:31 . 2011-03-15 08:31 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-15 08:31 . 2011-03-15 08:31 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-15 08:31 . 2011-03-15 08:31 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-15 08:31 . 2011-03-15 08:31 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-15 08:31 . 2011-03-15 08:31 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-15 08:31 . 2011-03-15 08:31 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-15 08:31 . 2011-03-15 08:31 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-15 08:31 . 2011-03-15 08:31 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-15 08:31 . 2011-03-15 08:31 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-15 08:31 . 2011-03-15 08:31 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-15 08:31 . 2011-03-15 08:31 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-15 08:31 . 2011-03-15 08:31 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-15 08:31 . 2011-03-15 08:31 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-15 08:31 . 2011-03-15 08:31 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-15 08:31 . 2011-03-15 08:31 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-15 08:31 . 2011-03-15 08:31 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-15 08:31 . 2011-03-15 08:31 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-15 08:31 . 2011-03-15 08:31 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-15 08:31 . 2011-03-15 08:31 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-15 08:31 . 2011-03-15 08:31 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-15 08:31 . 2011-03-15 08:31 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-15 08:31 . 2011-03-15 08:31 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-15 08:31 . 2011-03-15 08:31 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-15 08:31 . 2011-03-15 08:31 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-15 08:31 . 2011-03-15 08:31 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-15 08:31 . 2011-03-15 08:31 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-15 08:31 . 2011-03-15 08:31 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-15 08:31 . 2011-03-15 08:31 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-15 08:31 . 2011-03-15 08:31 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-15 08:31 . 2011-03-15 08:31 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-15 08:31 . 2011-03-15 08:31 448512 ----a-w- c:\windows\system32\html.iec
2011-03-15 08:31 . 2011-03-15 08:31 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-15 08:31 . 2011-03-15 08:31 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-15 08:31 . 2011-03-15 08:31 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-15 08:31 . 2011-03-15 08:31 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-14 20:17 . 2011-04-15 21:25 8424784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-03-11 06:34 . 2011-04-14 19:58 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-14 19:58 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-14 19:58 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-14 19:58 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 06:29 . 2011-04-14 19:58 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-14 19:58 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:19 . 2011-05-23 14:16 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-05-23 14:16 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-14 19:58 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-14 19:58 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-14 19:58 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-14 19:58 3135488 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-31_18.21.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-05-15 21:28 . 2011-05-31 17:02 4879 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2010-05-15 21:28 . 2011-05-31 20:20 4879 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-05-31 17:03 . 2011-05-31 17:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-31 20:21 . 2011-05-31 20:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-05-31 17:03 . 2011-05-31 17:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-05-31 20:21 . 2011-05-31 20:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2011-05-31 20:20 523988 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-05-31 17:02 523988 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-06-28 21:23 . 2011-05-31 17:02 2664984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-06-28 21:23 . 2011-05-31 20:20 2664984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-12-09 606208]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe"
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\Hewlett-Packard\HP Webcam" UpdateWithCreateOnce "Software\CyberLink\HP Webcam\1.0"
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"Mobile Connectivity Suite"="c:\program files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 136176]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-08-04 1038088]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-05-22 28032]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-31 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-05-26 15:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 13:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-31 13:24]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001Core.job
- c:\users\johny.re\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 13:36]
.
2011-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001UA.job
- c:\users\johny.re\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 13:36]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF25306.cfxxe" [X]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.kb.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: ????3?? - c:\users\johny.re\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\johny.re\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: DhcpNameServer = 192.168.55.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\johny.re\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\johny.re\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
.
**************************************************************************
.
Celkový čas: 2011-05-31 22:28:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-31 20:28
ComboFix2.txt 2011-05-31 18:23
.
Před spuštěním: Volných bajtů: 12 879 376 384
Po spuštění: Volných bajtů: 12 336 357 376
.
- - End Of File - - 2A1E293D36C18045F7BF393938CCFABC
Re: Chrome nepřehraje video
Ako je na tom pc??Problem stale trva??
Re: Chrome nepřehraje video
problém stále přetrvává.. v prohlížeči údálostí je po pádu toto: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Systém nemůže nalézt uvedený soubor.
Re: Chrome nepřehraje video
To je ovladac pre tisk, stranky.
Uvidime.
Stahni OTListIt2>> OTL
Označ položku Pro všechny uživatele.
Označ položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikn na tlačítko Prohledat
Po dokončení, sem vlož logy OTL.Txt a Extras.txt
Uvidime.
Stahni OTListIt2>> OTL
Označ položku Pro všechny uživatele.
Označ položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikn na tlačítko Prohledat
Po dokončení, sem vlož logy OTL.Txt a Extras.txt
Re: Chrome nepřehraje video
OTL logfile created on: 1.6.2011 8:13:34 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\johny.re\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,97 Gb Total Physical Memory | 2,80 Gb Available Physical Memory | 70,60% Memory free
7,93 Gb Paging File | 6,44 Gb Available in Paging File | 81,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 11,43 Gb Free Space | 11,72% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 207,93 Gb Free Space | 56,49% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 69,57 Mb Free Space | 69,57% Space Free | Partition Type: NTFS
Computer Name: JOHNYRE-NTB | User Name: johny.re | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.06.01 08:12:14 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\johny.re\Desktop\OTL.exe
PRC - [2009.12.09 16:01:20 | 000,606,208 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009.10.22 05:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2009.10.22 04:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2009.10.22 04:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2009.10.22 03:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
========== Modules (SafeList) ==========
MOD - [2011.06.01 08:12:14 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\johny.re\Desktop\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009.07.14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.04.20 04:04:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.11.11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010.08.04 20:14:03 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.06.15 16:53:52 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010.03.16 17:04:24 | 000,167,280 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.03.02 00:14:36 | 000,844,328 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2008.07.15 13:09:48 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2007.11.07 09:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2010.08.04 20:13:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.22 05:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2009.10.22 04:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2009.10.22 04:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009.10.22 03:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2009.10.12 14:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.04.20 04:44:48 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.04.20 04:44:48 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.04.20 03:22:32 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.11.20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.10.24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.07.12 14:48:50 | 000,085,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.06.15 16:53:58 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2010.06.15 16:53:42 | 000,041,272 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2010.05.27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.05.16 10:43:14 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.10.26 16:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.10.22 05:01:10 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2009.10.22 05:01:04 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2009.10.22 05:00:58 | 000,068,144 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2009.10.22 05:00:56 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2009.10.22 03:47:50 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2009.10.22 00:13:28 | 000,045,104 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2009.10.22 00:13:28 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2009.09.28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.07.24 02:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.08 00:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:31:56 | 000,497,152 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2009.03.11 07:36:58 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.03.11 07:36:56 | 000,134,184 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.03.11 07:36:56 | 000,096,296 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.03.11 07:36:56 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2007.08.13 20:48:52 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2007.06.27 13:05:10 | 000,063,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2011.05.22 22:51:28 | 000,028,032 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2009.10.12 14:31:04 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kb.cz/
IE - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2A E8 1E FD 77 F4 CA 01 [binary data]
IE - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.01 07:31:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.06.01 07:31:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\johny.re\AppData\Roaming\Mozilla\Extensions
[2011.06.01 07:31:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2011.04.14 18:38:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.05.31 22:22:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O3 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\johny.re\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\johny.re\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\johny.re\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\johny.re\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O15 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\..Trusted Ranges: Range1 ([file] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.228.41.65 194.228.41.113
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.06.01 08:12:13 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\johny.re\Desktop\OTL.exe
[2011.06.01 07:33:06 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.06.01 07:31:30 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Local\Mozilla
[2011.06.01 07:31:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.05.31 22:22:57 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011.05.31 20:13:03 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.05.31 19:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.05.31 17:35:22 | 000,000,000 | ---D | C] -- C:\Users\johny.re\Desktop\vyhl
[2011.05.31 17:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.05.31 17:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.5
[2011.05.31 15:37:40 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.05.31 15:23:59 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011.05.31 15:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011.05.30 23:29:46 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\Malwarebytes
[2011.05.30 23:29:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.30 23:29:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.30 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.30 23:29:05 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.30 23:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.30 23:12:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
[2011.05.30 23:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.05.30 23:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.05.30 23:06:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011.05.30 23:06:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011.05.30 23:05:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.05.30 23:04:01 | 022,900,736 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2011.05.30 23:04:01 | 017,693,184 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2011.05.30 23:04:01 | 009,319,936 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2011.05.30 23:04:01 | 007,768,064 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2011.05.30 23:04:01 | 006,389,760 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2011.05.30 23:04:01 | 005,440,000 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2011.05.30 23:04:01 | 004,286,464 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2011.05.30 23:04:01 | 004,161,536 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2011.05.30 23:04:01 | 004,056,576 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2011.05.30 23:04:01 | 003,868,672 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2011.05.30 23:04:01 | 001,923,584 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2011.05.30 23:04:01 | 001,222,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2011.05.30 23:04:01 | 000,676,864 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2011.05.30 23:04:01 | 000,480,256 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011.05.30 23:04:01 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2011.05.30 23:04:01 | 000,423,424 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2011.05.30 23:04:01 | 000,366,080 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2011.05.30 23:04:01 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2011.05.30 23:04:01 | 000,306,176 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2011.05.30 23:04:01 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2011.05.30 23:04:01 | 000,262,144 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2011.05.30 23:04:01 | 000,203,776 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011.05.30 23:04:01 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2011.05.30 23:04:01 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011.05.30 23:04:01 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2011.05.30 23:04:01 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2011.05.30 23:04:01 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2011.05.30 23:04:01 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2011.05.30 23:04:01 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2011.05.30 23:04:01 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2011.05.30 23:04:01 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2011.05.30 23:04:01 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2011.05.30 23:04:01 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2011.05.30 23:04:01 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2011.05.30 23:04:01 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2011.05.30 23:04:01 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2011.05.30 23:04:01 | 000,038,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2011.05.30 23:04:01 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2011.05.30 23:04:01 | 000,031,232 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2011.05.30 23:04:01 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2011.05.30 23:04:01 | 000,016,384 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011.05.30 23:04:01 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2011.05.30 23:04:01 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2011.05.30 23:04:01 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2011.05.30 22:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
[2011.05.30 22:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HWiNFO32
[2011.05.30 19:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.05.30 19:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.05.30 19:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.05.26 07:59:19 | 000,000,000 | -H-D | C] -- C:\Users\johny.re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
[2011.05.26 07:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2011.05.26 07:58:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2011.05.25 07:18:34 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.05.24 16:04:15 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
[2011.05.23 18:11:03 | 000,000,000 | ---D | C] -- C:\Users\johny.re\Desktop\Závěrečný projekt - matika
[2011.05.23 17:00:18 | 000,032,768 | ---- | C] (Analog Devices) -- C:\Windows\SysWow64\adidrm.dll
[2011.05.23 17:00:17 | 000,060,928 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysWow64\SFFXComm.dll
[2011.05.23 17:00:17 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundMAX
[2011.05.23 16:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SonicFocus
[2011.05.23 16:59:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Analog Devices
[2011.05.23 16:59:06 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\InstallShield
[2011.05.23 16:16:13 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.05.23 16:16:13 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.05.23 16:16:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.05.23 16:16:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.05.21 18:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.05.21 17:55:21 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.05.21 17:55:21 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.05.21 17:55:18 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.05.21 17:55:17 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.05.21 17:55:16 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.05.21 17:55:14 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.05.21 17:55:14 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.05.21 17:55:12 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.05.21 17:55:12 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.05.14 11:53:29 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ElcomSoft
[2011.05.14 11:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElcomSoft
[2011.05.14 11:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
[2011.05.14 11:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intelore
[2011.05.10 22:08:31 | 000,000,000 | ---D | C] -- C:\Users\johny.re\Cisco Packet Tracer 5.3.2
[2011.05.10 22:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer
[2011.05.10 22:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Packet Tracer 5.3.2
[2011.05.09 17:14:55 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote
[2011.05.08 17:58:26 | 000,000,000 | ---D | C] -- C:\Users\johny.re\Desktop\100MEDIA
[2010.12.25 01:45:21 | 002,691,072 | ---- | C] ( ) -- C:\Windows\ulandi.exe
[2001.11.24 16:24:00 | 002,207,744 | ---- | C] ( ) -- C:\Windows\SysWow64\VBR6.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.06.01 08:12:14 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\johny.re\Desktop\OTL.exe
[2011.06.01 08:09:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.06.01 07:57:45 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.01 07:57:45 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.01 07:50:21 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.01 07:50:21 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.06.01 07:50:06 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.06.01 07:49:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.01 07:49:49 | 3193,122,816 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.01 07:41:00 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001UA.job
[2011.06.01 07:31:31 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011.06.01 07:31:26 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.06.01 07:29:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.31 22:35:22 | 001,626,486 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.31 22:35:22 | 000,688,290 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.05.31 22:35:22 | 000,671,772 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.31 22:35:22 | 000,144,164 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.05.31 22:35:22 | 000,128,452 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.31 22:22:49 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.05.31 19:29:42 | 000,832,273 | ---- | M] () -- C:\Users\johny.re\Desktop\RSITx64 (1).exe
[2011.05.31 17:09:21 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.05.31 15:41:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001Core.job
[2011.05.31 15:37:42 | 000,002,336 | ---- | M] () -- C:\Users\johny.re\Desktop\Google Chrome.lnk
[2011.05.30 23:29:10 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.30 22:01:44 | 000,001,137 | ---- | M] () -- C:\Users\johny.re\Desktop\Adobe Photoshop CS4.lnk
[2011.05.26 07:58:10 | 000,001,078 | ---- | M] () -- C:\Users\johny.re\Desktop\Glary Utilities.lnk
[2011.05.23 08:40:59 | 000,000,384 | ---- | M] () -- C:\Users\johny.re\.packettracer
[2011.05.22 19:23:03 | 000,027,635 | ---- | M] () -- C:\Users\johny.re\Desktop\Zad12.pkt
[2011.05.21 18:02:12 | 001,522,920 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.21 17:48:58 | 000,597,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.05.10 22:02:12 | 000,001,265 | ---- | M] () -- C:\Users\johny.re\Desktop\Cisco Packet Tracer.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.06.01 07:31:31 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.06.01 07:31:26 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.06.01 07:31:26 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.31 19:29:42 | 000,832,273 | ---- | C] () -- C:\Users\johny.re\Desktop\RSITx64 (1).exe
[2011.05.31 17:09:21 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.05.31 15:37:42 | 000,002,336 | ---- | C] () -- C:\Users\johny.re\Desktop\Google Chrome.lnk
[2011.05.31 15:36:34 | 000,000,974 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001UA.job
[2011.05.31 15:36:33 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001Core.job
[2011.05.31 15:24:07 | 000,000,956 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.31 15:24:06 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.30 23:29:10 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.30 23:04:01 | 000,989,600 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2011.05.30 23:04:01 | 000,989,600 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2011.05.30 23:04:01 | 000,233,012 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2011.05.30 23:04:01 | 000,165,296 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2011.05.30 23:04:01 | 000,032,200 | ---- | C] () -- C:\Windows\atiogl.xml
[2011.05.30 23:04:01 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.05.30 23:04:01 | 000,003,929 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2011.05.30 22:01:44 | 000,001,137 | ---- | C] () -- C:\Users\johny.re\Desktop\Adobe Photoshop CS4.lnk
[2011.05.26 07:58:11 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.05.26 07:58:10 | 000,001,078 | ---- | C] () -- C:\Users\johny.re\Desktop\Glary Utilities.lnk
[2011.05.22 18:10:57 | 000,027,635 | ---- | C] () -- C:\Users\johny.re\Desktop\Zad12.pkt
[2011.05.10 22:02:12 | 000,001,265 | ---- | C] () -- C:\Users\johny.re\Desktop\Cisco Packet Tracer.lnk
[2011.04.19 22:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.08 23:05:55 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.12.30 14:43:50 | 000,000,030 | ---- | C] () -- C:\Program Files (x86)\Exiferupdate.ini
[2010.12.21 11:47:11 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.12.21 11:47:06 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.10.15 20:51:02 | 000,000,172 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.09.27 20:57:54 | 000,000,030 | ---- | C] () -- C:\Windows\USDL_GrandPrix_v1.6.4_VISTA.INI
[2010.09.19 12:17:14 | 000,259,440 | ---- | C] () -- C:\Windows\SUPDRun.exe
[2010.09.01 17:23:40 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.07.14 20:28:14 | 000,000,292 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2010.07.14 20:25:04 | 000,000,598 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2010.07.14 20:24:52 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010.06.03 20:34:54 | 000,000,868 | ---- | C] () -- C:\Windows\SysWow64\SP7302.INI
[2010.06.03 18:53:27 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.06.03 18:46:54 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.05.26 22:21:39 | 001,522,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.05.15 23:21:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[1993.07.23 19:31:02 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\Msvcrt10.dll
========== LOP Check ==========
[2011.04.01 19:16:01 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\.minecraft
[2011.02.18 23:30:04 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Arduino
[2011.02.12 00:17:47 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Audacity
[2010.12.13 09:22:28 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Autodesk
[2011.05.31 15:04:35 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Azureus
[2010.07.14 20:28:14 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\BITS
[2010.12.11 23:15:22 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\BlackBean
[2010.11.15 00:48:53 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\CadSoft
[2010.11.15 17:05:40 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\DAEMON Tools Lite
[2010.10.18 12:29:40 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Dev-Cpp
[2010.07.14 20:24:38 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\FlashGet
[2010.07.14 20:24:35 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\FlashGetBHO
[2011.05.26 07:59:18 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\GlarySoft
[2010.11.19 18:09:17 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\gtk-2.0
[2011.05.31 22:50:12 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\ICQ
[2010.12.07 17:39:47 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\iExpert Software
[2010.11.20 22:35:50 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\IrfanView
[2010.11.06 11:37:19 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\JLC's Software
[2010.12.01 22:23:26 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\OpenOffice.org
[2010.05.31 10:10:36 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\PDF Writer
[2011.03.16 08:19:13 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Raptr
[2011.02.05 20:02:17 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Registry Mechanic
[2010.09.01 13:40:21 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Teleca
[2010.09.20 20:06:59 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Tific
[2011.05.23 14:32:50 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Unified Remote
[2010.07.14 20:34:07 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\VitySoft
[2010.12.06 19:32:21 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Wireshark
[2011.04.01 20:04:20 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\XWindows Dock
[2010.08.04 19:26:54 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Zoner
[2011.06.01 07:50:21 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2009.07.14 07:08:49 | 000,005,414 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(81).TXT
[2009.07.14 07:08:49 | 000,021,038 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\johny.re\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,97 Gb Total Physical Memory | 2,80 Gb Available Physical Memory | 70,60% Memory free
7,93 Gb Paging File | 6,44 Gb Available in Paging File | 81,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 11,43 Gb Free Space | 11,72% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 207,93 Gb Free Space | 56,49% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 69,57 Mb Free Space | 69,57% Space Free | Partition Type: NTFS
Computer Name: JOHNYRE-NTB | User Name: johny.re | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.06.01 08:12:14 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\johny.re\Desktop\OTL.exe
PRC - [2009.12.09 16:01:20 | 000,606,208 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009.10.22 05:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2009.10.22 04:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2009.10.22 04:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2009.10.22 03:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
========== Modules (SafeList) ==========
MOD - [2011.06.01 08:12:14 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\johny.re\Desktop\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009.07.14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.04.20 04:04:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.11.11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010.08.04 20:14:03 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.06.15 16:53:52 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010.03.16 17:04:24 | 000,167,280 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.03.02 00:14:36 | 000,844,328 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2008.07.15 13:09:48 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2007.11.07 09:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2010.08.04 20:13:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.22 05:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2009.10.22 04:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2009.10.22 04:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009.10.22 03:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2009.10.12 14:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.04.20 04:44:48 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.04.20 04:44:48 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.04.20 03:22:32 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.11.20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.10.24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.07.12 14:48:50 | 000,085,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.06.15 16:53:58 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2010.06.15 16:53:42 | 000,041,272 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2010.05.27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.05.16 10:43:14 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.10.26 16:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.10.22 05:01:10 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2009.10.22 05:01:04 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2009.10.22 05:00:58 | 000,068,144 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2009.10.22 05:00:56 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2009.10.22 03:47:50 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2009.10.22 00:13:28 | 000,045,104 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2009.10.22 00:13:28 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2009.09.28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.07.24 02:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.08 00:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:31:56 | 000,497,152 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2009.03.11 07:36:58 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.03.11 07:36:56 | 000,134,184 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.03.11 07:36:56 | 000,096,296 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.03.11 07:36:56 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2007.08.13 20:48:52 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2007.06.27 13:05:10 | 000,063,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2011.05.22 22:51:28 | 000,028,032 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2009.10.12 14:31:04 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kb.cz/
IE - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2A E8 1E FD 77 F4 CA 01 [binary data]
IE - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.01 07:31:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.06.01 07:31:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\johny.re\AppData\Roaming\Mozilla\Extensions
[2011.06.01 07:31:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2011.04.14 18:38:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.05.31 22:22:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O3 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\johny.re\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\johny.re\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\johny.re\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\johny.re\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O15 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\..Trusted Ranges: Range1 ([file] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.228.41.65 194.228.41.113
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.06.01 08:12:13 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\johny.re\Desktop\OTL.exe
[2011.06.01 07:33:06 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.06.01 07:31:30 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Local\Mozilla
[2011.06.01 07:31:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.05.31 22:22:57 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011.05.31 20:13:03 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.05.31 19:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.05.31 17:35:22 | 000,000,000 | ---D | C] -- C:\Users\johny.re\Desktop\vyhl
[2011.05.31 17:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.05.31 17:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.5
[2011.05.31 15:37:40 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.05.31 15:23:59 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011.05.31 15:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011.05.30 23:29:46 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\Malwarebytes
[2011.05.30 23:29:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.30 23:29:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.30 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.30 23:29:05 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.30 23:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.30 23:12:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
[2011.05.30 23:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.05.30 23:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.05.30 23:06:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011.05.30 23:06:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011.05.30 23:05:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.05.30 23:04:01 | 022,900,736 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2011.05.30 23:04:01 | 017,693,184 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2011.05.30 23:04:01 | 009,319,936 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2011.05.30 23:04:01 | 007,768,064 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2011.05.30 23:04:01 | 006,389,760 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2011.05.30 23:04:01 | 005,440,000 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2011.05.30 23:04:01 | 004,286,464 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2011.05.30 23:04:01 | 004,161,536 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2011.05.30 23:04:01 | 004,056,576 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2011.05.30 23:04:01 | 003,868,672 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2011.05.30 23:04:01 | 001,923,584 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2011.05.30 23:04:01 | 001,222,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2011.05.30 23:04:01 | 000,676,864 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2011.05.30 23:04:01 | 000,480,256 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011.05.30 23:04:01 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2011.05.30 23:04:01 | 000,423,424 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2011.05.30 23:04:01 | 000,366,080 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2011.05.30 23:04:01 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2011.05.30 23:04:01 | 000,306,176 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2011.05.30 23:04:01 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2011.05.30 23:04:01 | 000,262,144 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2011.05.30 23:04:01 | 000,203,776 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011.05.30 23:04:01 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2011.05.30 23:04:01 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011.05.30 23:04:01 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2011.05.30 23:04:01 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2011.05.30 23:04:01 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2011.05.30 23:04:01 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2011.05.30 23:04:01 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2011.05.30 23:04:01 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2011.05.30 23:04:01 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2011.05.30 23:04:01 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2011.05.30 23:04:01 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2011.05.30 23:04:01 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2011.05.30 23:04:01 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2011.05.30 23:04:01 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2011.05.30 23:04:01 | 000,038,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2011.05.30 23:04:01 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2011.05.30 23:04:01 | 000,031,232 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2011.05.30 23:04:01 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2011.05.30 23:04:01 | 000,016,384 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011.05.30 23:04:01 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2011.05.30 23:04:01 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2011.05.30 23:04:01 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2011.05.30 22:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
[2011.05.30 22:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HWiNFO32
[2011.05.30 19:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.05.30 19:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.05.30 19:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.05.26 07:59:19 | 000,000,000 | -H-D | C] -- C:\Users\johny.re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
[2011.05.26 07:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2011.05.26 07:58:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2011.05.25 07:18:34 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.05.24 16:04:15 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
[2011.05.23 18:11:03 | 000,000,000 | ---D | C] -- C:\Users\johny.re\Desktop\Závěrečný projekt - matika
[2011.05.23 17:00:18 | 000,032,768 | ---- | C] (Analog Devices) -- C:\Windows\SysWow64\adidrm.dll
[2011.05.23 17:00:17 | 000,060,928 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysWow64\SFFXComm.dll
[2011.05.23 17:00:17 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundMAX
[2011.05.23 16:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SonicFocus
[2011.05.23 16:59:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Analog Devices
[2011.05.23 16:59:06 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\InstallShield
[2011.05.23 16:16:13 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.05.23 16:16:13 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.05.23 16:16:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.05.23 16:16:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.05.21 18:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.05.21 17:55:21 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.05.21 17:55:21 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.05.21 17:55:18 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.05.21 17:55:17 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.05.21 17:55:16 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.05.21 17:55:14 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.05.21 17:55:14 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.05.21 17:55:12 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.05.21 17:55:12 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.05.14 11:53:29 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ElcomSoft
[2011.05.14 11:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElcomSoft
[2011.05.14 11:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
[2011.05.14 11:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intelore
[2011.05.10 22:08:31 | 000,000,000 | ---D | C] -- C:\Users\johny.re\Cisco Packet Tracer 5.3.2
[2011.05.10 22:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer
[2011.05.10 22:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Packet Tracer 5.3.2
[2011.05.09 17:14:55 | 000,000,000 | ---D | C] -- C:\Users\johny.re\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote
[2011.05.08 17:58:26 | 000,000,000 | ---D | C] -- C:\Users\johny.re\Desktop\100MEDIA
[2010.12.25 01:45:21 | 002,691,072 | ---- | C] ( ) -- C:\Windows\ulandi.exe
[2001.11.24 16:24:00 | 002,207,744 | ---- | C] ( ) -- C:\Windows\SysWow64\VBR6.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.06.01 08:12:14 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\johny.re\Desktop\OTL.exe
[2011.06.01 08:09:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.06.01 07:57:45 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.01 07:57:45 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.01 07:50:21 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.01 07:50:21 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.06.01 07:50:06 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.06.01 07:49:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.01 07:49:49 | 3193,122,816 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.01 07:41:00 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001UA.job
[2011.06.01 07:31:31 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011.06.01 07:31:26 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.06.01 07:29:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.31 22:35:22 | 001,626,486 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.31 22:35:22 | 000,688,290 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.05.31 22:35:22 | 000,671,772 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.31 22:35:22 | 000,144,164 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.05.31 22:35:22 | 000,128,452 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.31 22:22:49 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.05.31 19:29:42 | 000,832,273 | ---- | M] () -- C:\Users\johny.re\Desktop\RSITx64 (1).exe
[2011.05.31 17:09:21 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.05.31 15:41:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001Core.job
[2011.05.31 15:37:42 | 000,002,336 | ---- | M] () -- C:\Users\johny.re\Desktop\Google Chrome.lnk
[2011.05.30 23:29:10 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.30 22:01:44 | 000,001,137 | ---- | M] () -- C:\Users\johny.re\Desktop\Adobe Photoshop CS4.lnk
[2011.05.26 07:58:10 | 000,001,078 | ---- | M] () -- C:\Users\johny.re\Desktop\Glary Utilities.lnk
[2011.05.23 08:40:59 | 000,000,384 | ---- | M] () -- C:\Users\johny.re\.packettracer
[2011.05.22 19:23:03 | 000,027,635 | ---- | M] () -- C:\Users\johny.re\Desktop\Zad12.pkt
[2011.05.21 18:02:12 | 001,522,920 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.21 17:48:58 | 000,597,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.05.10 22:02:12 | 000,001,265 | ---- | M] () -- C:\Users\johny.re\Desktop\Cisco Packet Tracer.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.06.01 07:31:31 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.06.01 07:31:26 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.06.01 07:31:26 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.31 19:29:42 | 000,832,273 | ---- | C] () -- C:\Users\johny.re\Desktop\RSITx64 (1).exe
[2011.05.31 17:09:21 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.05.31 15:37:42 | 000,002,336 | ---- | C] () -- C:\Users\johny.re\Desktop\Google Chrome.lnk
[2011.05.31 15:36:34 | 000,000,974 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001UA.job
[2011.05.31 15:36:33 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437507757-2190776440-1590838750-1001Core.job
[2011.05.31 15:24:07 | 000,000,956 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.31 15:24:06 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.30 23:29:10 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.30 23:04:01 | 000,989,600 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2011.05.30 23:04:01 | 000,989,600 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2011.05.30 23:04:01 | 000,233,012 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2011.05.30 23:04:01 | 000,165,296 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2011.05.30 23:04:01 | 000,032,200 | ---- | C] () -- C:\Windows\atiogl.xml
[2011.05.30 23:04:01 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.05.30 23:04:01 | 000,003,929 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2011.05.30 22:01:44 | 000,001,137 | ---- | C] () -- C:\Users\johny.re\Desktop\Adobe Photoshop CS4.lnk
[2011.05.26 07:58:11 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.05.26 07:58:10 | 000,001,078 | ---- | C] () -- C:\Users\johny.re\Desktop\Glary Utilities.lnk
[2011.05.22 18:10:57 | 000,027,635 | ---- | C] () -- C:\Users\johny.re\Desktop\Zad12.pkt
[2011.05.10 22:02:12 | 000,001,265 | ---- | C] () -- C:\Users\johny.re\Desktop\Cisco Packet Tracer.lnk
[2011.04.19 22:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.08 23:05:55 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.12.30 14:43:50 | 000,000,030 | ---- | C] () -- C:\Program Files (x86)\Exiferupdate.ini
[2010.12.21 11:47:11 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.12.21 11:47:06 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.10.15 20:51:02 | 000,000,172 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.09.27 20:57:54 | 000,000,030 | ---- | C] () -- C:\Windows\USDL_GrandPrix_v1.6.4_VISTA.INI
[2010.09.19 12:17:14 | 000,259,440 | ---- | C] () -- C:\Windows\SUPDRun.exe
[2010.09.01 17:23:40 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.07.14 20:28:14 | 000,000,292 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2010.07.14 20:25:04 | 000,000,598 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2010.07.14 20:24:52 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010.06.03 20:34:54 | 000,000,868 | ---- | C] () -- C:\Windows\SysWow64\SP7302.INI
[2010.06.03 18:53:27 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.06.03 18:46:54 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.05.26 22:21:39 | 001,522,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.05.15 23:21:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[1993.07.23 19:31:02 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\Msvcrt10.dll
========== LOP Check ==========
[2011.04.01 19:16:01 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\.minecraft
[2011.02.18 23:30:04 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Arduino
[2011.02.12 00:17:47 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Audacity
[2010.12.13 09:22:28 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Autodesk
[2011.05.31 15:04:35 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Azureus
[2010.07.14 20:28:14 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\BITS
[2010.12.11 23:15:22 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\BlackBean
[2010.11.15 00:48:53 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\CadSoft
[2010.11.15 17:05:40 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\DAEMON Tools Lite
[2010.10.18 12:29:40 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Dev-Cpp
[2010.07.14 20:24:38 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\FlashGet
[2010.07.14 20:24:35 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\FlashGetBHO
[2011.05.26 07:59:18 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\GlarySoft
[2010.11.19 18:09:17 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\gtk-2.0
[2011.05.31 22:50:12 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\ICQ
[2010.12.07 17:39:47 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\iExpert Software
[2010.11.20 22:35:50 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\IrfanView
[2010.11.06 11:37:19 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\JLC's Software
[2010.12.01 22:23:26 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\OpenOffice.org
[2010.05.31 10:10:36 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\PDF Writer
[2011.03.16 08:19:13 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Raptr
[2011.02.05 20:02:17 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Registry Mechanic
[2010.09.01 13:40:21 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Teleca
[2010.09.20 20:06:59 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Tific
[2011.05.23 14:32:50 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Unified Remote
[2010.07.14 20:34:07 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\VitySoft
[2010.12.06 19:32:21 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Wireshark
[2011.04.01 20:04:20 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\XWindows Dock
[2010.08.04 19:26:54 | 000,000,000 | ---D | M] -- C:\Users\johny.re\AppData\Roaming\Zoner
[2011.06.01 07:50:21 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2009.07.14 07:08:49 | 000,005,414 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(81).TXT
[2009.07.14 07:08:49 | 000,021,038 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
Re: Chrome nepřehraje video
OTL Extras logfile created on: 1.6.2011 8:13:34 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\johny.re\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,97 Gb Total Physical Memory | 2,80 Gb Available Physical Memory | 70,60% Memory free
7,93 Gb Paging File | 6,44 Gb Available in Paging File | 81,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 11,43 Gb Free Space | 11,72% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 207,93 Gb Free Space | 56,49% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 69,57 Mb Free Space | 69,57% Space Free | Partition Type: NTFS
Computer Name: JOHNYRE-NTB | User Name: johny.re | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F870E-BCF6-F19F-A154-B3488407F467}" = ccc-utility64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Prostředí Windows XP Mode
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{29C93182-34F6-3275-A18D-59326851CD57}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
"{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5783F2D7-8001-0405-0102-0060B0CE6BBA}" = AutoCAD 2010 - česky
"{5783F2D7-8001-0405-1102-0060B0CE6BBA}" = Jazykový balíček aplikace AutoCAD 2010 - čeština
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{62EED300-E841-4083-A1D6-60B906271804}" = Microsoft Windows SDK for Visual Studio 2008 Tools
"{64D5BBC6-5270-3711-AA39-31C1087AF4E6}" = Microsoft Visual Studio 2008 Remote Debugger - ENU
"{6C30F9EF-5032-925C-1905-D87E8472EB85}" = ATI Catalyst Install Manager
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{9aa5f39c-a8de-46b0-919a-0248f8bc8490}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Software Bluetooth WIDCOMM
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A992BBAA-723D-4574-A07F-983BF8FAA3E1}" = Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}" = Visual Studio .NET Prerequisites - English
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E34038BB-5358-3890-B5C8-37C5FE817806}" = WMV9/VC-1 Video Playback
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}" = Microsoft Device Emulator (64 bit) version 3.0 - ENU
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6197679-051D-4E3E-9757-4D5CDA6D658B}" = Microsoft Antimalware Service CS-CZ Language Pack
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client CS-CZ Language Pack
"Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit
"AutoCAD 2010 - česky" = AutoCAD 2010 - česky
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1159
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2008 Remote Debugger - ENU" = Microsoft Visual Studio 2008 Remote Debugger - ENU
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241F2BF7-69EB-42A4-9156-96B2426C7504}" = Microsoft SQL Server Compact 3.5 for Devices ENU
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}" = Microsoft SQL Server Compact 3.5 Design Tools ENU
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{470E9A78-A276-46EB-85F1-05625C766889}" = HTC Sync
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5AFBC2F3-D3F5-660A-A2AD-CAD3E8EDA1D7}" = CCC Help English
"{63953BA4-7F92-98F7-B99D-FEB4B7BF6905}" = Catalyst Control Center Localization All
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABA8CC0-E3DE-4434-A7C7-180E153429B4}" = Unified Remote
"{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7753A3B2-E858-F0B3-3DD9-C027B16CBB81}" = Catalyst Control Center InstallProxy
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.2
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA467959-A1D6-4F45-90CD-11DC57733F32}" = Crystal Reports Basic for Visual Studio 2008
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Czech
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D7DAD1E4-45F4-3B2B-899A-EA728167EC4F}" = Microsoft Visual Studio 2008 Professional Edition - ENU
"{E2616F7B-9E5B-7B21-EDB0-5659A5A4DDA1}" = Catalyst Control Center Graphics Previews Common
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F639E2A2-FE6B-4527-B8BE-C1C423B81844}" = HP Webcam
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FEF90494-3911-A844-2622-545BD4008231}" = Catalyst Control Center
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"8461-7759-5462-8226" = Vuze
"Absolute Uninstaller_is1" = Absolute Uninstaller 1.52
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Cisco Networking Academy curriculum_is1" = Cisco Networking Academy curriculum 4.0.0.2
"Cisco Packet Tracer 5.3.2_is1" = Cisco Packet Tracer 5.3.2
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"EAGLE 5.10.0" = EAGLE 5.10.0
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"Exifer_is1" = Exifer
"FastStone Capture" = FastStone Capture 6.3
"Glary Utilities_is1" = Glary Utilities 2.33.0.1158
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"GTR Evolution_1.1.1.2_is1" = GTR Evolution
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HWiNFO32_is1" = HWiNFO32 Version 3.80
"InstallShield_{F639E2A2-FE6B-4527-B8BE-C1C423B81844}" = HP Webcam
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.5.0 (Basic)
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Landi 11" = Landi 11
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Microsoft Visual Studio 2008 Professional Edition - ENU" = Microsoft Visual Studio 2008 Professional Edition - ENU
"Mozilla Firefox 4.0.1 (x86 cs)" = Mozilla Firefox 4.0.1 (x86 cs)
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PSPad editor_is1" = PSPad editor
"Samsung CLP-310 Series" = Samsung CLP-310 Series
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"Veetle TV" = Veetle TV 0.9.18
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"VLC media player" = VLC media player 1.1.4
"VMware_Workstation" = VMware Workstation
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.4.2
"XWindows Dock_is1" = XWindows Dock
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Advanced Archive Password Recovery" = Advanced Archive Password Recovery
"Google Chrome" = Google Chrome
"Qip 2010 packverze: 3341 s IRC protokolem" = Qip 2010 pack verze: 3341 s IRC protokolem
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.5.2011 12:50:10 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\Users\johny.re\downloads\esetsmartinstaller_sky.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 24.5.2011 12:50:17 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\Users\johny.re\downloads\esetsmartinstaller_sky.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 24.5.2011 17:29:48 | Computer Name = johnyre-NTB | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17514,
časové razítko: 0x4ce7c8f9 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000028359
ID
chybujícího procesu: 0xe20 Čas spuštění chybující aplikace: 0x01cc195ab460475c Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: f343f092-864c-11e0-9991-00247e8c45d9
Error - 25.5.2011 5:15:25 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 26.5.2011 3:08:48 | Computer Name = johnyre-NTB | Source = Application Error | ID = 1000
Description = Název chybující aplikace: SynTPEnh.exe, verze: 15.0.17.4, časové razítko:
0x4bfeed67 Název chybujícího modulu: SynTPEnh.exe, verze: 15.0.17.4, časové razítko:
0x4bfeed67 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000604c4 ID chybujícího
procesu: 0xec0 Čas spuštění chybující aplikace: 0x01cc1a9a9bb291c5 Cesta k chybující
aplikaci: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe Cesta k chybujícímu modulu:
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ID zprávy: ffdade37-8766-11e0-9c78-00247e8c45d9
Error - 29.5.2011 14:32:47 | Computer Name = johnyre-NTB | Source = Windows Backup | ID = 4103
Description =
Error - 30.5.2011 5:27:47 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 30.5.2011 12:40:00 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\johny.re\Downloads\esetsmartinstaller_sky.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 30.5.2011 12:40:02 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\johny.re\Downloads\esetsmartinstaller_sky.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 31.5.2011 12:40:14 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
[ Media Center Events ]
Error - 2.10.2010 11:07:02 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 17:07:00 - Chyba při připojování k Internetu 17:07:00 - Nelze kontaktovat
server..
Error - 4.10.2010 11:44:51 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 17:44:51 - Chyba při připojování k Internetu 17:44:51 - Nelze kontaktovat
server..
Error - 6.10.2010 9:23:16 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 15:23:16 - Chyba při připojování k Internetu 15:23:16 - Nelze kontaktovat
server..
Error - 7.10.2010 9:24:52 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 15:24:52 - Chyba při připojování k Internetu 15:24:52 - Nelze kontaktovat
server..
Error - 8.10.2010 10:39:44 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 16:39:44 - Chyba při připojování k Internetu 16:39:44 - Nelze kontaktovat
server..
Error - 11.10.2010 10:28:26 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 16:28:26 - Chyba při připojování k Internetu 16:28:26 - Nelze kontaktovat
server..
Error - 12.10.2010 0:08:32 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 6:08:28 - Chyba při připojování k Internetu 6:08:28 - Nelze kontaktovat
server..
Error - 12.10.2010 8:26:57 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 14:26:57 - Chyba při připojování k Internetu 14:26:57 - Nelze kontaktovat
server..
Error - 12.10.2010 8:27:04 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 14:27:02 - Chyba při připojování k Internetu 14:27:02 - Nelze kontaktovat
server..
Error - 17.10.2010 2:31:41 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 8:31:38 - Chyba při připojování k Internetu 8:31:38 - Nelze kontaktovat
server..
[ System Events ]
Error - 1.6.2011 1:18:25 | Computer Name = johnyre-NTB | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842
Error - 1.6.2011 1:34:27 | Computer Name = johnyre-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (7:32:45, ?1.?6.?2011) bylo neočekávané.
Error - 1.6.2011 1:34:36 | Computer Name = johnyre-NTB | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 1.6.2011 1:35:01 | Computer Name = johnyre-NTB | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842
Error - 1.6.2011 1:44:02 | Computer Name = johnyre-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (7:42:18, ?1.?6.?2011) bylo neočekávané.
Error - 1.6.2011 1:44:11 | Computer Name = johnyre-NTB | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 1.6.2011 1:44:33 | Computer Name = johnyre-NTB | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842
Error - 1.6.2011 1:49:56 | Computer Name = johnyre-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (7:47:53, ?1.?6.?2011) bylo neočekávané.
Error - 1.6.2011 1:50:05 | Computer Name = johnyre-NTB | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 1.6.2011 1:50:29 | Computer Name = johnyre-NTB | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842
< End of report >
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\johny.re\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,97 Gb Total Physical Memory | 2,80 Gb Available Physical Memory | 70,60% Memory free
7,93 Gb Paging File | 6,44 Gb Available in Paging File | 81,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 11,43 Gb Free Space | 11,72% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 207,93 Gb Free Space | 56,49% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 69,57 Mb Free Space | 69,57% Space Free | Partition Type: NTFS
Computer Name: JOHNYRE-NTB | User Name: johny.re | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F870E-BCF6-F19F-A154-B3488407F467}" = ccc-utility64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Prostředí Windows XP Mode
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{29C93182-34F6-3275-A18D-59326851CD57}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
"{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5783F2D7-8001-0405-0102-0060B0CE6BBA}" = AutoCAD 2010 - česky
"{5783F2D7-8001-0405-1102-0060B0CE6BBA}" = Jazykový balíček aplikace AutoCAD 2010 - čeština
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{62EED300-E841-4083-A1D6-60B906271804}" = Microsoft Windows SDK for Visual Studio 2008 Tools
"{64D5BBC6-5270-3711-AA39-31C1087AF4E6}" = Microsoft Visual Studio 2008 Remote Debugger - ENU
"{6C30F9EF-5032-925C-1905-D87E8472EB85}" = ATI Catalyst Install Manager
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{9aa5f39c-a8de-46b0-919a-0248f8bc8490}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Software Bluetooth WIDCOMM
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A992BBAA-723D-4574-A07F-983BF8FAA3E1}" = Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}" = Visual Studio .NET Prerequisites - English
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E34038BB-5358-3890-B5C8-37C5FE817806}" = WMV9/VC-1 Video Playback
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}" = Microsoft Device Emulator (64 bit) version 3.0 - ENU
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6197679-051D-4E3E-9757-4D5CDA6D658B}" = Microsoft Antimalware Service CS-CZ Language Pack
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client CS-CZ Language Pack
"Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit
"AutoCAD 2010 - česky" = AutoCAD 2010 - česky
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1159
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2008 Remote Debugger - ENU" = Microsoft Visual Studio 2008 Remote Debugger - ENU
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241F2BF7-69EB-42A4-9156-96B2426C7504}" = Microsoft SQL Server Compact 3.5 for Devices ENU
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}" = Microsoft SQL Server Compact 3.5 Design Tools ENU
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{470E9A78-A276-46EB-85F1-05625C766889}" = HTC Sync
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5AFBC2F3-D3F5-660A-A2AD-CAD3E8EDA1D7}" = CCC Help English
"{63953BA4-7F92-98F7-B99D-FEB4B7BF6905}" = Catalyst Control Center Localization All
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABA8CC0-E3DE-4434-A7C7-180E153429B4}" = Unified Remote
"{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7753A3B2-E858-F0B3-3DD9-C027B16CBB81}" = Catalyst Control Center InstallProxy
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.2
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA467959-A1D6-4F45-90CD-11DC57733F32}" = Crystal Reports Basic for Visual Studio 2008
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Czech
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D7DAD1E4-45F4-3B2B-899A-EA728167EC4F}" = Microsoft Visual Studio 2008 Professional Edition - ENU
"{E2616F7B-9E5B-7B21-EDB0-5659A5A4DDA1}" = Catalyst Control Center Graphics Previews Common
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F639E2A2-FE6B-4527-B8BE-C1C423B81844}" = HP Webcam
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FEF90494-3911-A844-2622-545BD4008231}" = Catalyst Control Center
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"8461-7759-5462-8226" = Vuze
"Absolute Uninstaller_is1" = Absolute Uninstaller 1.52
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Cisco Networking Academy curriculum_is1" = Cisco Networking Academy curriculum 4.0.0.2
"Cisco Packet Tracer 5.3.2_is1" = Cisco Packet Tracer 5.3.2
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"EAGLE 5.10.0" = EAGLE 5.10.0
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"Exifer_is1" = Exifer
"FastStone Capture" = FastStone Capture 6.3
"Glary Utilities_is1" = Glary Utilities 2.33.0.1158
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"GTR Evolution_1.1.1.2_is1" = GTR Evolution
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HWiNFO32_is1" = HWiNFO32 Version 3.80
"InstallShield_{F639E2A2-FE6B-4527-B8BE-C1C423B81844}" = HP Webcam
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.5.0 (Basic)
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Landi 11" = Landi 11
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Microsoft Visual Studio 2008 Professional Edition - ENU" = Microsoft Visual Studio 2008 Professional Edition - ENU
"Mozilla Firefox 4.0.1 (x86 cs)" = Mozilla Firefox 4.0.1 (x86 cs)
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PSPad editor_is1" = PSPad editor
"Samsung CLP-310 Series" = Samsung CLP-310 Series
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"Veetle TV" = Veetle TV 0.9.18
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"VLC media player" = VLC media player 1.1.4
"VMware_Workstation" = VMware Workstation
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.4.2
"XWindows Dock_is1" = XWindows Dock
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Advanced Archive Password Recovery" = Advanced Archive Password Recovery
"Google Chrome" = Google Chrome
"Qip 2010 packverze: 3341 s IRC protokolem" = Qip 2010 pack verze: 3341 s IRC protokolem
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.5.2011 12:50:10 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\Users\johny.re\downloads\esetsmartinstaller_sky.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 24.5.2011 12:50:17 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\Users\johny.re\downloads\esetsmartinstaller_sky.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 24.5.2011 17:29:48 | Computer Name = johnyre-NTB | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17514,
časové razítko: 0x4ce7c8f9 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000028359
ID
chybujícího procesu: 0xe20 Čas spuštění chybující aplikace: 0x01cc195ab460475c Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: f343f092-864c-11e0-9991-00247e8c45d9
Error - 25.5.2011 5:15:25 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 26.5.2011 3:08:48 | Computer Name = johnyre-NTB | Source = Application Error | ID = 1000
Description = Název chybující aplikace: SynTPEnh.exe, verze: 15.0.17.4, časové razítko:
0x4bfeed67 Název chybujícího modulu: SynTPEnh.exe, verze: 15.0.17.4, časové razítko:
0x4bfeed67 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000604c4 ID chybujícího
procesu: 0xec0 Čas spuštění chybující aplikace: 0x01cc1a9a9bb291c5 Cesta k chybující
aplikaci: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe Cesta k chybujícímu modulu:
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ID zprávy: ffdade37-8766-11e0-9c78-00247e8c45d9
Error - 29.5.2011 14:32:47 | Computer Name = johnyre-NTB | Source = Windows Backup | ID = 4103
Description =
Error - 30.5.2011 5:27:47 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 30.5.2011 12:40:00 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\johny.re\Downloads\esetsmartinstaller_sky.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 30.5.2011 12:40:02 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\johny.re\Downloads\esetsmartinstaller_sky.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 31.5.2011 12:40:14 | Computer Name = johnyre-NTB | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
[ Media Center Events ]
Error - 2.10.2010 11:07:02 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 17:07:00 - Chyba při připojování k Internetu 17:07:00 - Nelze kontaktovat
server..
Error - 4.10.2010 11:44:51 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 17:44:51 - Chyba při připojování k Internetu 17:44:51 - Nelze kontaktovat
server..
Error - 6.10.2010 9:23:16 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 15:23:16 - Chyba při připojování k Internetu 15:23:16 - Nelze kontaktovat
server..
Error - 7.10.2010 9:24:52 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 15:24:52 - Chyba při připojování k Internetu 15:24:52 - Nelze kontaktovat
server..
Error - 8.10.2010 10:39:44 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 16:39:44 - Chyba při připojování k Internetu 16:39:44 - Nelze kontaktovat
server..
Error - 11.10.2010 10:28:26 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 16:28:26 - Chyba při připojování k Internetu 16:28:26 - Nelze kontaktovat
server..
Error - 12.10.2010 0:08:32 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 6:08:28 - Chyba při připojování k Internetu 6:08:28 - Nelze kontaktovat
server..
Error - 12.10.2010 8:26:57 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 14:26:57 - Chyba při připojování k Internetu 14:26:57 - Nelze kontaktovat
server..
Error - 12.10.2010 8:27:04 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 14:27:02 - Chyba při připojování k Internetu 14:27:02 - Nelze kontaktovat
server..
Error - 17.10.2010 2:31:41 | Computer Name = johnyre-NTB | Source = MCUpdate | ID = 0
Description = 8:31:38 - Chyba při připojování k Internetu 8:31:38 - Nelze kontaktovat
server..
[ System Events ]
Error - 1.6.2011 1:18:25 | Computer Name = johnyre-NTB | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842
Error - 1.6.2011 1:34:27 | Computer Name = johnyre-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (7:32:45, ?1.?6.?2011) bylo neočekávané.
Error - 1.6.2011 1:34:36 | Computer Name = johnyre-NTB | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 1.6.2011 1:35:01 | Computer Name = johnyre-NTB | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842
Error - 1.6.2011 1:44:02 | Computer Name = johnyre-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (7:42:18, ?1.?6.?2011) bylo neočekávané.
Error - 1.6.2011 1:44:11 | Computer Name = johnyre-NTB | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 1.6.2011 1:44:33 | Computer Name = johnyre-NTB | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842
Error - 1.6.2011 1:49:56 | Computer Name = johnyre-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (7:47:53, ?1.?6.?2011) bylo neočekávané.
Error - 1.6.2011 1:50:05 | Computer Name = johnyre-NTB | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 1.6.2011 1:50:29 | Computer Name = johnyre-NTB | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842
< End of report >
Re: Chrome nepřehraje video
Spust program OTL
do okna skopiruj zeleny text a klikni na OPRAVIT
log po restarte vloz sem.
A odskusaj flash player
do okna skopiruj zeleny text a klikni na OPRAVIT
log po restarte vloz sem.
A odskusaj flash player
Kód: Vybrat vše
:OTL
IE - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2A E8 1E FD 77 F4 CA 01 [binary data]
O3 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O3 - HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1
:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]
Re: Chrome nepřehraje video
All processes killed
========== OTL ==========
HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
Registry value HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
C:\Windows\SysWow64\tmp8E29.tmp deleted successfully.
C:\Windows\SysWow64\tmp8E3A.tmp deleted successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: johny.re
->Temp folder emptied: 3455448 bytes
->Temporary Internet Files folder emptied: 880595 bytes
->Java cache emptied: 6397304 bytes
->FireFox cache emptied: 15829134 bytes
->Google Chrome cache emptied: 25729206 bytes
->Flash cache emptied: 13997 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 39271 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67911 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 50,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default
User: Default User
User: johny.re
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.23.0 log created on 06012011_090540
Files\Folders moved on Reboot...
File move failed. C:\Users\johny.re\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-SYSTEM-300.log moved successfully.
========== OTL ==========
HKU\S-1-5-21-3437507757-2190776440-1590838750-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
Registry value HKEY_USERS\S-1-5-21-3437507757-2190776440-1590838750-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
C:\Windows\SysWow64\tmp8E29.tmp deleted successfully.
C:\Windows\SysWow64\tmp8E3A.tmp deleted successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: johny.re
->Temp folder emptied: 3455448 bytes
->Temporary Internet Files folder emptied: 880595 bytes
->Java cache emptied: 6397304 bytes
->FireFox cache emptied: 15829134 bytes
->Google Chrome cache emptied: 25729206 bytes
->Flash cache emptied: 13997 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 39271 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67911 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 50,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default
User: Default User
User: johny.re
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.23.0 log created on 06012011_090540
Files\Folders moved on Reboot...
File move failed. C:\Users\johny.re\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-SYSTEM-300.log moved successfully.
Re: Chrome nepřehraje video
no odskusaj vsetky prehliadace na youtube, ci prehraju video.